last executing test programs:

5m25.922312008s ago: executing program 0 (id=527):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x2b0d89bdc3ab4fb2, 0x0, 0x0)

5m25.573186005s ago: executing program 0 (id=532):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000000)={0x2, 0x100, 0x2, {0x0, 0x40000008}})

5m24.380027095s ago: executing program 0 (id=535):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mount(0x0, 0x0, 0x0, 0x18400, 0x0)
chroot(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0)

5m23.223712503s ago: executing program 0 (id=536):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup3(r2, r3, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4106, 0xfffffffffffffccb, 0x0, 0x0}, &(0x7f0000000080)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000001400)=""/200, 0xfffffffffffffecd, 0x0, 0x0}, &(0x7f0000001380)=0x40)

5m17.151402002s ago: executing program 0 (id=555):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000340)=ANY=[@ANYRES16], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f0000000440)=""/77)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, 0x0, 0x40000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="0f00000004000000080000000100000000000000", @ANYRES32, @ANYBLOB="00000010000000ddff000000618d5f5a00000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x37)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ac000000", @ANYRES16=0x0, @ANYBLOB="000129bd86c0da0eb29eeb5e737e62dec1267000ffdbdf251100000058000180080003000200200008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="080003000100000008000100", @ANYRES32=0x0, @ANYBLOB="1400020076657468305f766c616e0000000000000800030002000000080003000300000008000300030000001400018008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="2c000180140002006970365f7674693000000000000000001400020076657468305f6d616376746170000000"], 0xac}, 0x1, 0x0, 0x0, 0x800}, 0x1)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000004008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@map=r4, r7, 0x5, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r4}, &(0x7f0000000100), &(0x7f0000000140)=r3}, 0x20)
sendmsg(r5, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001400)='H', 0x20001401}], 0x1}, 0x0)

5m14.635452199s ago: executing program 0 (id=559):
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0)
setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x29, 0xd4, 0x0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYRESDEC=0x0])
io_uring_setup(0xd47, &(0x7f00000000c0)={0x0, 0x9f23, 0x10, 0xfffffffc, 0x38e})
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r3, 0x3ba0, &(0x7f00000003c0)={0x48, 0xc, r4, 0x0, 0x0, 0x200000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000000)={0x28, 0x2, r4, 0x0, &(0x7f0000ff7000/0x3000)=nil, 0x3000})

4m59.435210462s ago: executing program 32 (id=559):
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0)
setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x29, 0xd4, 0x0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYRESDEC=0x0])
io_uring_setup(0xd47, &(0x7f00000000c0)={0x0, 0x9f23, 0x10, 0xfffffffc, 0x38e})
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r3, 0x3ba0, &(0x7f00000003c0)={0x48, 0xc, r4, 0x0, 0x0, 0x200000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000000)={0x28, 0x2, r4, 0x0, &(0x7f0000ff7000/0x3000)=nil, 0x3000})

1m30.758057415s ago: executing program 6 (id=1239):
r0 = socket$inet6(0xa, 0x6, 0x0)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
r2 = dup2(r0, r1)
setsockopt(r1, 0x10d, 0xf, &(0x7f00001c9fff)="03", 0x1)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r2, 0xebca)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r3, &(0x7f0000000340)={0x2, 0x4e23, @empty=0x1700000000000000}, 0x10)

1m30.089213742s ago: executing program 6 (id=1240):
openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x6, 0x1, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r3, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "e6dd3c3d"}, 0x0, 0x1, {0x0}})

1m24.198961191s ago: executing program 6 (id=1256):
close(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = gettid()
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ppoll(&(0x7f0000000100), 0x0, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='io.stat\x00', 0x26e1, 0x0)
r5 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0xf, &(0x7f00000002c0), 0x161)
setsockopt$sock_attach_bpf(r5, 0x1, 0x31, &(0x7f0000000640)=r4, 0x4)
fcntl$setown(0xffffffffffffffff, 0x8, r3)

1m21.446160187s ago: executing program 6 (id=1260):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x3, 0x0, "7e12ddc5a89047bf00"})
r1 = syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(r1, 0x541e, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet(0x2, 0x0, 0x8d)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x9101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000002100)='./file0/file0\x00', 0x0, 0x2187017, 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='devpts\x00', 0x0, 0x0)

1m19.567269955s ago: executing program 6 (id=1264):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x9e7, 0x4)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000380)={0x2, 0x4e22, @multicast2}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x800000000f, &(0x7f0000000080)=0x7, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000000)=0x2, 0x4)
bind$inet6(r2, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f00000000c0)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000000)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r7, 0x7a8, &(0x7f0000000640)={{@my=0x1}, @hyper, 0x0, 0x2925, 0x0, 0x20000000, 0xfffffffffffffffd})
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(r7, 0x7a4, &(0x7f0000000040)={{@my=0x1}})

1m17.1227783s ago: executing program 6 (id=1270):
getpid()
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
pipe2(&(0x7f0000000040), 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "00009200000000000000000000000058b200"})
syz_open_pts(r0, 0x0)
poll(&(0x7f0000000080)=[{r0}], 0x1, 0x5182)

1m16.205680103s ago: executing program 33 (id=1270):
getpid()
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
pipe2(&(0x7f0000000040), 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "00009200000000000000000000000058b200"})
syz_open_pts(r0, 0x0)
poll(&(0x7f0000000080)=[{r0}], 0x1, 0x5182)

1m11.335531838s ago: executing program 5 (id=1283):
openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c003d000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f00000026c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
landlock_create_ruleset(&(0x7f00000000c0), 0x10, 0x0)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, 0x0)
r3 = io_uring_setup(0x7c91, &(0x7f0000000180)={0x0, 0x0, 0x2})
io_uring_setup(0x75e5, &(0x7f00000000c0)={0x0, 0x0, 0x22, 0x0, 0x0, 0x0, r3})

1m8.957582418s ago: executing program 5 (id=1288):
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'})
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x4080)
tee(r0, r0, 0x7ff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net\x00')
getdents64(r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x2a, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="4400000010000d042abd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="01000000000000002400128009000100626f6e640000000014000280050001000500000005001b00000000009213a688095c7579aaf3c3564f1fc500c7300da1943f41c320b372606d62afe29de90996ad0e3ac0c611feed0ebb310f38adbe600f838d6f7defc7ffc164be268000739990b751c8359caf4d58c22576ddd1fee00a7bb5bb12b19fc5fd93594b9239da65dc7224afbceaf6f9699a1e7601a3d22109e9ed"], 0x44}}, 0x0)

1m5.336151904s ago: executing program 5 (id=1294):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r3, 0x4c80, 0xffffffffffffffb6)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)

1m4.0254321s ago: executing program 5 (id=1296):
openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x6, 0x1, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "e6dd3c3d"}, 0x0, 0x1, {0x0}})

1m2.936028507s ago: executing program 5 (id=1300):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0xc8, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x14, 0x4, 0x0, 0x1, [{0x5}, {0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x90, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}, {0x4}, {0xc, 0x5, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x4c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}]}, 0xc8}}, 0x0)

1m2.322682383s ago: executing program 5 (id=1305):
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'})
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x4080)
tee(r0, r0, 0x7ff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net\x00')
getdents64(r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x2a, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="4400000010000d042abd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="01000000000000002400128009000100626f6e640000000014000280050001000500000005001b00000000009213a688095c7579aaf3c3564f1fc500c7300da1943f41c320b372606d62afe29de90996ad0e3ac0c611feed0ebb310f38adbe600f838d6f7defc7ffc164be268000739990b751c8359caf4d58c22576ddd1fee00a7bb5bb12b19fc5fd93594b9239da65dc7224afbceaf6f9699a1e7601a3d22109e9ed"], 0x44}}, 0x0)

47.17366625s ago: executing program 34 (id=1305):
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'})
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x4080)
tee(r0, r0, 0x7ff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net\x00')
getdents64(r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x2a, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="4400000010000d042abd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="01000000000000002400128009000100626f6e640000000014000280050001000500000005001b00000000009213a688095c7579aaf3c3564f1fc500c7300da1943f41c320b372606d62afe29de90996ad0e3ac0c611feed0ebb310f38adbe600f838d6f7defc7ffc164be268000739990b751c8359caf4d58c22576ddd1fee00a7bb5bb12b19fc5fd93594b9239da65dc7224afbceaf6f9699a1e7601a3d22109e9ed"], 0x44}}, 0x0)

9.897603663s ago: executing program 4 (id=1404):
accept4$rose(0xffffffffffffffff, &(0x7f0000000000)=@short={0xb, @remote, @null, 0x1, @null}, &(0x7f0000000040)=0x1c, 0x80000)

9.869421652s ago: executing program 2 (id=1405):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_emit_ethernet(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x29)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r4, &(0x7f000001a240)=""/102400, 0x19000, 0x0)

9.634772128s ago: executing program 4 (id=1406):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="140000"], 0x50)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, 0x0, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r5, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r6 = fcntl$dupfd(r5, 0x0, r5)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x14, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x10000082}, 0x4000080)
sendmsg$IPVS_CMD_GET_CONFIG(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x0)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f0000000100)=@gcm_128={{0x304}, "fd9192068590ef44", "4ded6853efa14266912ec2cb350be183", "15861006", "84d6d4ab8749281f"}, 0x28)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)

8.331773851s ago: executing program 4 (id=1408):
io_setup(0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000040), 0x75, 0x109301)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00ffffffffffffffff942fe811a52149e03ee130193deee72374295c4a13", @ANYRES32=0x1, @ANYBLOB='\b\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x50)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000000)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote={0xac, 0x3}, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
unshare(0x62040200)

7.189045206s ago: executing program 1 (id=1410):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, 0x0, 0x20008000)
r4 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_TABLE(r4, 0x29, 0xd1, &(0x7f0000000040)=0xfe, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0)
ppoll(&(0x7f0000000180)=[{r5}, {0xffffffffffffffff, 0x1000}], 0x2, &(0x7f00000001c0)={0x77359400}, &(0x7f0000000200)={[0x6578]}, 0x8)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xd, &(0x7f0000000040)=@assoc_value={<r7=>0x0}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000100)={r7}, &(0x7f0000002380)=0x18)
r8 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_G_EXT_CTRLS(r8, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f905, 0xffffffff, '\x00', @string=&(0x7f0000000100)=0x8f}})
r9 = openat$vmci(0xffffff9c, &(0x7f0000001640), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r9, 0x7a7, &(0x7f0000000040)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r9, 0x7a0, &(0x7f00000000c0)={@hyper})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r9, 0x7b0, &(0x7f0000001100)={0x0})

5.927254682s ago: executing program 1 (id=1412):
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="d0000000", @ANYRES16=0x0, @ANYBLOB="010004000000fbdbdf250100000008000100010000000800020001000000ac000c8054000b800800090050ee645e08000a00a58d00000800090052391d0208000a00cafc000008000900816e4a6208000a007451000008000a00aaef000008000900c50f1f0308000a00cae1000008000900d0ce38130c000b80080009006c8315520c00f37923475ed36730a0255b68a865c4250b8008000a000f"], 0xd0}, 0x1, 0x0, 0x0, 0x24048000}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e000000180002"], 0x50}}, 0x0)

5.825413233s ago: executing program 3 (id=1413):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0xc8, r1, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x14, 0x4, 0x0, 0x1, [{0x5}, {0x5}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x90, 0x8, 0x0, 0x1, [{0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}, {0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}, {0x4}, {0xc, 0x5, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}]}, {0x4c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8}]}]}]}, 0xc8}}, 0x0)

5.761774768s ago: executing program 3 (id=1414):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)={0xa4, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x6f, 0xe, {{{}, {}, @device_b, @device_b}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @val, @void, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a}, @val={0x72, 0x6}, @val={0x71, 0x7}, @val={0x76, 0x6}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000044}, 0x0)

5.450175448s ago: executing program 3 (id=1415):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')

5.400682231s ago: executing program 1 (id=1416):
socket$kcm(0x21, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
openat$apparmor_thread_current(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000040)=0x10000)
read$dsp(r3, &(0x7f00000000c0)=""/108, 0x6c)
read$dsp(r3, &(0x7f0000000200)=""/168, 0xa8)

5.368011796s ago: executing program 2 (id=1417):
accept4$rose(0xffffffffffffffff, &(0x7f0000000000)=@short={0xb, @remote, @null, 0x1, @null}, &(0x7f0000000040)=0x1c, 0x80000)

5.221362896s ago: executing program 2 (id=1418):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="140000"], 0x50)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, 0x0, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r5, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r5, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r6 = fcntl$dupfd(r5, 0x0, r5)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x14, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x10000082}, 0x4000080)
sendmsg$IPVS_CMD_GET_CONFIG(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x0)
setsockopt$inet6_tcp_TLS_TX(r5, 0x11a, 0x2, &(0x7f0000000100)=@gcm_128={{0x304}, "fd9192068590ef44", "4ded6853efa14266912ec2cb350be183", "15861006", "84d6d4ab8749281f"}, 0x28)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)

4.938318503s ago: executing program 3 (id=1419):
syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
sendmsg$inet6(r0, &(0x7f0000000080)={&(0x7f0000000340)={0xa, 0x4e24, 0x7fffe, @mcast1}, 0x1c, 0x0}, 0x0)

4.398664535s ago: executing program 1 (id=1420):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000021000000080003", @ANYRES32=r1, @ANYBLOB='$\x00-'], 0x40}}, 0x0)

3.981074093s ago: executing program 3 (id=1421):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000001c0)={r3, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000480)={&(0x7f00000004c0)=[0x0, 0x0], &(0x7f0000000040), 0x2, r4})
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$SNDCTL_SEQ_NRSYNTHS(r5, 0x4004510f, &(0x7f0000001b80))

3.9789164s ago: executing program 4 (id=1422):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, 0x0, 0x20008000)
r4 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_TABLE(r4, 0x29, 0xd1, &(0x7f0000000040)=0xfe, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0)
ppoll(&(0x7f0000000180)=[{r5}, {0xffffffffffffffff, 0x1000}], 0x2, &(0x7f00000001c0)={0x77359400}, &(0x7f0000000200)={[0x6578]}, 0x8)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xd, &(0x7f0000000040)=@assoc_value={<r7=>0x0}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000100)={r7}, &(0x7f0000002380)=0x18)
r8 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_G_EXT_CTRLS(r8, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f905, 0xffffffff, '\x00', @string=&(0x7f0000000100)=0x8f}})
r9 = openat$vmci(0xffffff9c, &(0x7f0000001640), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r9, 0x7a7, &(0x7f0000000040)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r9, 0x7a0, &(0x7f00000000c0)={@hyper})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r9, 0x7b0, &(0x7f0000001100)={0x0})

3.225258582s ago: executing program 2 (id=1423):
bind$packet(0xffffffffffffffff, &(0x7f0000000180), 0x14)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000c40)=ANY=[@ANYBLOB="02c9000c00080005003608"], 0x11)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)

2.409399886s ago: executing program 2 (id=1424):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
flock(r4, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0)
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r6, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[0x0, 0x0], 0x2})
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast2, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {0x0, 0x9}, {}, 0x0, 0x0, 0x1}, {{@in=@loopback, 0x4d5, 0x32}, 0x0, @in6=@mcast1, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(r0, &(0x7f0000000180), 0x400000000000077, 0x0)
socket$kcm(0xa, 0x922000000003, 0x11)
mkdir(&(0x7f00000009c0)='./file0\x00', 0x0)

2.346558924s ago: executing program 1 (id=1425):
unshare(0x8000000)
syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x101301)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000126abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3acb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

2.146146546s ago: executing program 4 (id=1426):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000005c0)={0xa4, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x6f, 0xe, {{{}, {}, @device_b, @device_b}, 0x0, @default, 0x0, @val={0x0, 0x6, @default_ibss_ssid}, @val, @void, @void, @void, @val={0x5, 0x3}, @void, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a}, @val={0x72, 0x6}, @val={0x71, 0x7}, @val={0x76, 0x6}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}], @NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000044}, 0x0)

905.807375ms ago: executing program 1 (id=1427):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x29)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r4, &(0x7f000001a240)=""/102400, 0x19000, 0x0)

851.924583ms ago: executing program 2 (id=1428):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, 0x0, 0x20008000)
r4 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_TABLE(r4, 0x29, 0xd1, &(0x7f0000000040)=0xfe, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0)
ppoll(&(0x7f0000000180)=[{r5}, {0xffffffffffffffff, 0x1000}], 0x2, &(0x7f00000001c0)={0x77359400}, &(0x7f0000000200)={[0x6578]}, 0x8)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xd, &(0x7f0000000040)=@assoc_value={<r7=>0x0}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000100)={r7}, &(0x7f0000002380)=0x18)
r8 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_G_EXT_CTRLS(r8, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f905, 0xffffffff, '\x00', @string=&(0x7f0000000100)=0x8f}})
r9 = openat$vmci(0xffffff9c, &(0x7f0000001640), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r9, 0x7a7, &(0x7f0000000040)=0x10000)
ioctl$sock_inet_sctp_SIOCINQ(r4, 0x541b, &(0x7f0000000280))
ioctl$IOCTL_VMCI_INIT_CONTEXT(r9, 0x7a0, &(0x7f00000000c0)={@hyper})

225.303364ms ago: executing program 3 (id=1429):
gettid()
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f00000003c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(0xffffffffffffffff, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000001c0)=0x1b)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)

0s ago: executing program 4 (id=1430):
socket$kcm(0x21, 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
openat$apparmor_thread_current(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000040)=0x10000)
read$dsp(r3, &(0x7f00000000c0)=""/108, 0x6c)
read$dsp(r3, &(0x7f0000000200)=""/168, 0xa8)

kernel console output (not intermixed with test programs):

 filter on device batadv0
[   81.057266][ T5848] 8021q: adding VLAN 0 to HW filter on device team0
[   81.132044][ T5852] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.145801][ T1132] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.153022][ T1132] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.191013][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.215034][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.222237][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.250658][ T5852] 8021q: adding VLAN 0 to HW filter on device team0
[   81.320261][ T5841] veth0_vlan: entered promiscuous mode
[   81.357155][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.384130][ T1132] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.391340][ T1132] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.404095][ T1132] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.411427][ T1132] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.441230][ T5841] veth1_vlan: entered promiscuous mode
[   81.459661][ T5845] veth0_vlan: entered promiscuous mode
[   81.509038][ T5845] veth1_vlan: entered promiscuous mode
[   81.657483][ T5845] veth0_macvtap: entered promiscuous mode
[   81.667543][ T5841] veth0_macvtap: entered promiscuous mode
[   81.710282][ T5845] veth1_macvtap: entered promiscuous mode
[   81.721552][ T5841] veth1_macvtap: entered promiscuous mode
[   81.760639][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0
[   81.852937][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.885546][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.931030][ T5836] veth0_vlan: entered promiscuous mode
[   81.957365][ T5845] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.994533][ T5845] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.006118][ T5845] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.018505][ T5842] Bluetooth: hci1: command tx timeout
[   82.024140][ T5842] Bluetooth: hci0: command tx timeout
[   82.030386][ T5845] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.062214][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.088310][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.126706][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.156450][ T5836] veth1_vlan: entered promiscuous mode
[   82.188297][ T5842] Bluetooth: hci5: command tx timeout
[   82.193777][ T5842] Bluetooth: hci2: command tx timeout
[   82.215078][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.247407][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.258055][ T5842] Bluetooth: hci4: command tx timeout
[   82.263710][ T5842] Bluetooth: hci3: command tx timeout
[   82.295999][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.376687][ T5836] veth0_macvtap: entered promiscuous mode
[   82.419253][ T5841] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.430018][ T5841] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.440272][ T5841] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.455792][ T5841] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.483908][ T5836] veth1_macvtap: entered promiscuous mode
[   82.551767][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.564428][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.581300][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.610384][ T5852] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.624834][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.636396][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.647185][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   82.659822][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.671690][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.770302][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.789314][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.799497][ T5836] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   82.811006][ T5836] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   82.823166][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.840679][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.850594][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.878727][ T5844] veth0_vlan: entered promiscuous mode
[   82.918339][ T5836] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.930836][ T5836] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.943564][ T5836] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.952410][ T5836] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.996737][ T5844] veth1_vlan: entered promiscuous mode
[   83.022823][ T3465] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.025933][ T5845] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   83.066385][ T3465] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.166706][ T5852] veth0_vlan: entered promiscuous mode
[   83.178722][ T3432] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.188047][ T3432] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.212818][ T5943] loop1: detected capacity change from 0 to 1024
[   83.252343][ T5943] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   83.264556][ T5943] JBD2: no valid journal superblock found
[   83.272535][ T5943] EXT4-fs (loop1): Could not load journal inode
[   83.279894][ T5852] veth1_vlan: entered promiscuous mode
[   83.303798][ T5848] veth0_vlan: entered promiscuous mode
[   83.392486][ T5848] veth1_vlan: entered promiscuous mode
[   83.401807][ T5943] loop1: detected capacity change from 0 to 512
[   83.423949][ T5852] veth0_macvtap: entered promiscuous mode
[   83.461181][ T5852] veth1_macvtap: entered promiscuous mode
[   83.490514][ T5943] loop1: detected capacity change from 0 to 512
[   83.550702][ T5844] veth0_macvtap: entered promiscuous mode
[   83.624170][   T79] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.632284][   T79] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.799290][ T5844] veth1_macvtap: entered promiscuous mode
[   83.824820][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.836728][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.862621][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.873756][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.883864][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.894889][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.907298][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.934600][ T5848] veth0_macvtap: entered promiscuous mode
[   83.944671][ T5848] veth1_macvtap: entered promiscuous mode
[   83.954009][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.966624][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.977073][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.988094][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.998764][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.009894][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.020914][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.031709][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.043515][ T5852] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.060652][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.076287][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.089086][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.109510][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.126594][ T5852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.138882][ T5852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.149188][ T5842] Bluetooth: hci0: command tx timeout
[   84.155608][ T5856] Bluetooth: hci1: command tx timeout
[   84.183164][ T5852] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.246012][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.265220][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.276961][ T5842] Bluetooth: hci2: command tx timeout
[   84.297052][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.308097][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.320293][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.331393][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.351279][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.362365][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.453754][ T5842] Bluetooth: hci3: command tx timeout
[   84.459366][ T5842] Bluetooth: hci4: command tx timeout
[   84.476926][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.494339][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.520256][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.530314][ T5852] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.544188][ T5852] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.553875][ T5852] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.563041][ T5852] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.577115][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.590453][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.600823][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.611512][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.621821][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.634423][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.644687][ T5844] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.656072][ T5844] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.670707][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.694466][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.705616][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.716226][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.726799][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.736761][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.747970][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.758208][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.768897][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.779177][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.790111][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.801539][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.825420][ T5844] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.837922][ T5844] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.846656][ T5844] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.861757][ T5844] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.886892][ T5848] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.898552][ T5848] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.907407][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.915562][ T5848] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.937668][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.945420][ T5848] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.053710][ T3548] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.111932][ T3548] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.145150][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.171463][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.257455][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.294046][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.344813][   T46] cfg80211: failed to load regulatory.db
[   86.380880][ T5977] syzkaller0: entered promiscuous mode
[   86.386545][ T5977] syzkaller0: entered allmulticast mode
[   87.470148][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   87.598663][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   87.608036][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   87.618415][ T5856] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[   87.627065][ T5856] Bluetooth: hci5: Injecting HCI hardware error event
[   87.635323][ T5856] Bluetooth: hci5: hardware error 0x00
[   87.679009][ T5991] loop1: detected capacity change from 0 to 2048
[   87.791869][ T5991] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.804693][ T5991] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.994791][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.668995][ T6009] loop2: detected capacity change from 0 to 4096
[   89.781351][ T5856] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[   90.164520][ T6015] loop2: detected capacity change from 0 to 4096
[   90.224551][ T6015] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.281084][ T5836] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.671571][ T3548] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.727840][ T3548] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.841253][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.880794][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.927024][ T3465] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.964151][ T3465] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.832581][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   92.987502][ T6048] netlink: 20 bytes leftover after parsing attributes in process `syz.4.35'.
[   93.068596][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   93.914317][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   93.943693][ T6057] loop5: detected capacity change from 0 to 512
[   93.955133][ T6060] loop1: detected capacity change from 0 to 256
[   93.995604][ T6057] =======================================================
[   93.995604][ T6057] WARNING: The mand mount option has been deprecated and
[   93.995604][ T6057]          and is ignored by this kernel. Remove the mand
[   93.995604][ T6057]          option from the mount to silence this warning.
[   93.995604][ T6057] =======================================================
[   94.128464][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   94.357599][ T6057] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   94.387593][ T6057] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.39: bg 0: block 131: padding at end of block bitmap is not set
[   95.198134][ T6057] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   95.224571][ T6057] EXT4-fs (loop5): 1 truncate cleaned up
[   95.258917][ T6057] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.310115][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   95.594088][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   97.590564][ T5848] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.588830][ T6111] netlink: 4 bytes leftover after parsing attributes in process `syz.1.52'.
[  100.628158][ T6111] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.635727][ T6111] batman_adv: batadv0: Removing interface: batadv_slave_0
[  100.770768][ T6111] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.809075][ T6111] batman_adv: batadv0: Removing interface: batadv_slave_1
[  101.252408][ T6132] netlink: 100 bytes leftover after parsing attributes in process `syz.5.56'.
[  102.271343][ T6136] netlink: 'syz.0.58': attribute type 29 has an invalid length.
[  102.285748][ T6136] netlink: 'syz.0.58': attribute type 29 has an invalid length.
[  102.295830][ T6136] netlink: 'syz.0.58': attribute type 29 has an invalid length.
[  102.305488][ T6136] netlink: 'syz.0.58': attribute type 29 has an invalid length.
[  102.616981][ T6136] netlink: 'syz.0.58': attribute type 29 has an invalid length.
[  103.885098][ T6157] loop5: detected capacity change from 0 to 2048
[  103.916584][ T6157] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  104.958055][ T6167] loop4: detected capacity change from 0 to 256
[  105.028170][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  107.762525][ T6194] tipc: Started in network mode
[  107.838561][ T6194] tipc: Node identity 4, cluster identity 4711
[  107.861726][ T6168] loop3: detected capacity change from 0 to 32768
[  107.917905][ T6194] tipc: Node number set to 4
[  109.088164][ T6168] JBD2: Ignoring recovery information on journal
[  109.226042][ T6222] netlink: 60 bytes leftover after parsing attributes in process `syz.5.80'.
[  111.198628][ T6168] JBD2: journal reset failed
[  111.333266][ T6168] (syz.3.68,6168,0):ocfs2_journal_load:1145 ERROR: Failed to load journal!
[  111.637829][ T6168] (syz.3.68,6168,0):ocfs2_check_volume:2423 ERROR: ocfs2 journal load failed! -4
[  116.054069][ T6283] loop5: detected capacity change from 0 to 256
[  116.363415][ T6283] exFAT-fs (loop5): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  117.895828][ T6298] loop4: detected capacity change from 0 to 4096
[  118.248134][ T6298] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  119.234657][ T6314] loop3: detected capacity change from 0 to 4096
[  120.287020][ T6329] netlink: 24 bytes leftover after parsing attributes in process `syz.1.110'.
[  120.928372][ T6337] loop0: detected capacity change from 0 to 1024
[  120.940239][ T6337] ext4: Unknown parameter 'noacl'
[  124.256395][ T6363] netlink: 60 bytes leftover after parsing attributes in process `syz.1.119'.
[  124.781182][ T6372] loop1: detected capacity change from 0 to 512
[  124.902474][ T6372] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.120: bg 0: block 131: padding at end of block bitmap is not set
[  125.029116][ T6372] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  125.063515][ T6372] EXT4-fs (loop1): 1 truncate cleaned up
[  125.073940][ T6372] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.759850][ T6382] loop2: detected capacity change from 0 to 256
[  127.003121][ T6395] Zero length message leads to an empty skb
[  127.246720][ T6393] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  127.270653][ T6393] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  127.592309][ T6404] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  127.603053][ T6404] FAT-fs (loop2): Filesystem has been set read-only
[  127.610472][ T6404] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  127.620915][ T6404] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  128.350008][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.718042][   T29] audit: type=1800 audit(1729948116.732:2): pid=6404 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.124" name="file1" dev="loop2" ino=1048604 res=0 errno=0
[  129.114304][ T6410] netlink: 60 bytes leftover after parsing attributes in process `syz.5.133'.
[  130.871765][ T6434] loop1: detected capacity change from 0 to 1024
[  130.908748][ T6434] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  131.509103][ T6434] JBD2: no valid journal superblock found
[  131.905198][ T6434] EXT4-fs (loop1): Could not load journal inode
[  131.956193][ T6444] loop5: detected capacity change from 0 to 256
[  132.063981][ T6444] exFAT-fs (loop5): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  132.149203][ T6434] loop1: detected capacity change from 0 to 512
[  132.276409][ T6434] loop1: detected capacity change from 0 to 512
[  132.431838][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  132.439513][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  133.810913][ T6465] loop4: detected capacity change from 0 to 512
[  134.925117][ T6465] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.148: bg 0: block 131: padding at end of block bitmap is not set
[  135.051269][ T6465] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  135.078355][ T6465] EXT4-fs (loop4): 1 truncate cleaned up
[  135.103083][ T6465] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.797530][ T5844] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.341579][ T6516] hub 6-0:1.0: USB hub found
[  139.347843][ T6516] hub 6-0:1.0: 1 port detected
[  144.216361][   T46] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  144.378131][   T46] usb 2-1: Using ep0 maxpacket: 16
[  144.556474][   T46] usb 2-1: config 250 has an invalid interface number: 206 but max is 0
[  145.138655][   T46] usb 2-1: config 250 has no interface number 0
[  145.145635][   T46] usb 2-1: config 250 interface 206 altsetting 3 endpoint 0x3 has invalid maxpacket 512, setting to 64
[  145.157286][   T46] usb 2-1: config 250 interface 206 altsetting 3 bulk endpoint 0xB has invalid maxpacket 64
[  145.168337][   T46] usb 2-1: config 250 interface 206 has no altsetting 0
[  145.183460][   T46] usb 2-1: New USB device found, idVendor=0a07, idProduct=00c8, bcdDevice=93.32
[  145.198837][   T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.206888][   T46] usb 2-1: Product: syz
[  145.212006][   T46] usb 2-1: Manufacturer: syz
[  145.216832][   T46] usb 2-1: SerialNumber: syz
[  145.243125][ T6556] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  145.253416][ T6569] loop2: detected capacity change from 0 to 512
[  145.484750][   T46] adutux 2-1:250.206: interrupt endpoints not found
[  145.554513][   T46] usb 2-1: USB disconnect, device number 2
[  146.934134][ T6569] EXT4-fs warning (device loop2): ext4_enable_quotas:7097: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[  147.010999][ T6569] EXT4-fs (loop2): mount failed
[  149.333407][ T6609] 8021q: adding VLAN 0 to HW filter on device bond1
[  151.798945][ T6633] loop4: detected capacity change from 0 to 1024
[  151.957703][ T6633] EXT4-fs: Ignoring removed oldalloc option
[  152.036501][ T6633] EXT4-fs (loop4): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  153.133533][ T6633] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  153.968128][ T5844] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.445998][   T29] audit: type=1326 audit(1729948143.542:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6672 comm="syz.2.211" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbe2437e719 code=0x0
[  154.786115][ T6682] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  154.795972][ T6682] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  155.711431][ T6700] loop0: detected capacity change from 0 to 512
[  155.844063][ T6700] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.216: bg 0: block 131: padding at end of block bitmap is not set
[  155.885883][ T6700] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  155.934394][ T6700] EXT4-fs (loop0): 1 truncate cleaned up
[  156.122597][ T6700] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  156.223463][ T6709] loop5: detected capacity change from 0 to 64
[  156.617136][ T5842] Bluetooth: hci0: command tx timeout
[  158.520915][ T5852] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.540575][ T6720] syzkaller0: entered promiscuous mode
[  158.546195][ T6720] syzkaller0: entered allmulticast mode
[  158.547547][ T6723] 9pnet: p9_errstr2errno: server reported unknown error capability
[  158.577451][ T1132] syzkaller0: tun_net_xmit 48
[  158.959888][ T6730] hub 6-0:1.0: USB hub found
[  158.965572][ T6730] hub 6-0:1.0: 1 port detected
[  160.187058][ T5842] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  160.197392][ T5842] CPU: 0 UID: 0 PID: 5842 Comm: kworker/u9:3 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  160.208311][ T5842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  160.218865][ T5842] Workqueue: hci1 hci_rx_work
[  160.223720][ T5842] Call Trace:
[  160.227019][ T5842]  <TASK>
[  160.229981][ T5842]  dump_stack_lvl+0x241/0x360
[  160.234832][ T5842]  ? __pfx_dump_stack_lvl+0x10/0x10
[  160.240072][ T5842]  ? __pfx__printk+0x10/0x10
[  160.244706][ T5842]  ? srso_alias_return_thunk+0x5/0xfbef5
[  160.250476][ T5842]  ? sysfs_create_dir_ns+0x28a/0x3a0
[  160.255805][ T5842]  ? __kmalloc_cache_noprof+0x19c/0x2c0
[  160.261397][ T5842]  sysfs_create_dir_ns+0x2ce/0x3a0
[  160.266744][ T5842]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  160.272432][ T5842]  ? srso_alias_return_thunk+0x5/0xfbef5
[  160.278098][ T5842]  kobject_add_internal+0x435/0x8d0
[  160.283329][ T5842]  kobject_add+0x152/0x220
[  160.287768][ T5842]  ? srso_alias_return_thunk+0x5/0xfbef5
[  160.293429][ T5842]  ? do_raw_spin_unlock+0x13c/0x8b0
[  160.298656][ T5842]  ? device_add+0x3e7/0xbf0
[  160.303186][ T5842]  ? __pfx_kobject_add+0x10/0x10
[  160.308142][ T5842]  ? srso_alias_return_thunk+0x5/0xfbef5
[  160.313798][ T5842]  ? _raw_spin_unlock+0x28/0x50
[  160.318668][ T5842]  ? srso_alias_return_thunk+0x5/0xfbef5
[  160.324337][ T5842]  ? srso_alias_return_thunk+0x5/0xfbef5
[  160.329993][ T5842]  ? get_device_parent+0x165/0x410
[  160.335123][ T5842]  device_add+0x4e5/0xbf0
[  160.339475][ T5842]  hci_conn_add_sysfs+0xe8/0x200
[  160.344436][ T5842]  le_conn_complete_evt+0xc9f/0x12e0
[  160.349750][ T5842]  ? srso_alias_return_thunk+0x5/0xfbef5
[  160.355430][ T5842]  ? trace_contention_end+0x3c/0x120
[  160.360837][ T5842]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  160.366578][ T5842]  ? srso_alias_return_thunk+0x5/0xfbef5
[  160.372233][ T5842]  ? __mutex_unlock_slowpath+0x21d/0x750
[  160.377894][ T5842]  ? __copy_skb_header+0x437/0x5b0
[  160.383030][ T5842]  ? srso_alias_return_thunk+0x5/0xfbef5
[  160.388706][ T5842]  ? skb_pull_data+0x112/0x230
[  160.393504][ T5842]  hci_le_conn_complete_evt+0x18c/0x420
[  160.399211][ T5842]  hci_event_packet+0xa57/0x1540
[  160.404175][ T5842]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  160.409490][ T5842]  ? __pfx_hci_event_packet+0x10/0x10
[  160.414978][ T5842]  ? srso_alias_return_thunk+0x5/0xfbef5
[  160.420634][ T5842]  ? set_offload_codec_func+0x40/0x5a0
[  160.426122][ T5842]  ? srso_alias_return_thunk+0x5/0xfbef5
[  160.431778][ T5842]  ? kcov_remote_start+0x97/0x7d0
[  160.436837][ T5842]  hci_rx_work+0x3fe/0xd80
[  160.441310][ T5842]  ? process_scheduled_works+0x976/0x1850
[  160.447147][ T5842]  process_scheduled_works+0xa65/0x1850
[  160.452773][ T5842]  ? __pfx_process_scheduled_works+0x10/0x10
[  160.458980][ T5842]  ? assign_work+0x364/0x3d0
[  160.463778][ T5842]  worker_thread+0x870/0xd30
[  160.468620][ T5842]  ? __kthread_parkme+0x169/0x1d0
[  160.473699][ T5842]  ? __pfx_worker_thread+0x10/0x10
[  160.478843][ T5842]  kthread+0x2f2/0x390
[  160.482956][ T5842]  ? __pfx_worker_thread+0x10/0x10
[  160.488091][ T5842]  ? __pfx_kthread+0x10/0x10
[  160.492696][ T5842]  ret_from_fork+0x4d/0x80
[  160.497145][ T5842]  ? __pfx_kthread+0x10/0x10
[  160.501751][ T5842]  ret_from_fork_asm+0x1a/0x30
[  160.506564][ T5842]  </TASK>
[  160.520488][ T5842] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  160.534875][ T5842] Bluetooth: hci1: failed to register connection device
[  160.560619][   T29] audit: type=1326 audit(1729948149.662:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6739 comm="syz.3.230" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff054b7e719 code=0x0
[  162.591541][ T5856] Bluetooth: hci1: command tx timeout
[  163.353418][ T6775] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  164.743042][   T29] audit: type=1326 audit(1729948153.842:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6780 comm="syz.1.245" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe5c617e719 code=0x0
[  164.903951][ T6752] netlink: 4 bytes leftover after parsing attributes in process `syz.4.234'.
[  164.913316][ T6752] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  164.921460][ T6752] batman_adv: batadv0: Removing interface: batadv_slave_0
[  164.930042][ T6752] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  164.937475][ T6752] batman_adv: batadv0: Removing interface: batadv_slave_1
[  165.386933][ T6789] trusted_key: syz.2.246 sent an empty control message without MSG_MORE.
[  168.833389][ T6807] loop5: detected capacity change from 0 to 1024
[  168.897324][ T6807] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  169.040089][ T6807] JBD2: no valid journal superblock found
[  169.789696][ T6807] EXT4-fs (loop5): Could not load journal inode
[  169.800774][ T6810] netlink: 120 bytes leftover after parsing attributes in process `syz.4.254'.
[  170.595258][ T6807] loop5: detected capacity change from 0 to 512
[  172.804859][ T6840] loop2: detected capacity change from 0 to 4096
[  172.862391][ T6840] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  173.013118][ T6849] capability: warning: `syz.5.267' uses deprecated v2 capabilities in a way that may be insecure
[  175.963892][ T6872] netlink: 36 bytes leftover after parsing attributes in process `syz.0.274'.
[  176.343037][ T6887] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  177.141383][ T5842] Bluetooth: hci4: command 0x0405 tx timeout
[  177.555299][ T6897] netlink: 4 bytes leftover after parsing attributes in process `syz.4.284'.
[  178.826114][ T6906] loop2: detected capacity change from 0 to 1024
[  178.837324][ T6906] ext4: Unknown parameter 'noacl'
[  179.234318][ T6892] loop5: detected capacity change from 0 to 4096
[  179.343326][ T6892] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  179.481878][ T6917] netlink: 100 bytes leftover after parsing attributes in process `syz.2.287'.
[  180.336879][ T6892] ntfs3(loop5): Failed to read $UpCase (-4).
[  182.997465][ T6956] loop0: detected capacity change from 0 to 512
[  183.050756][ T6956] EXT4-fs (loop0): blocks per group (8192) and clusters per group (2304) inconsistent
[  185.198934][ T6973] netlink: 4 bytes leftover after parsing attributes in process `syz.4.300'.
[  185.768789][ T6984] netlink: 20 bytes leftover after parsing attributes in process `syz.2.306'.
[  185.825517][ T6976] loop0: detected capacity change from 0 to 8192
[  186.180417][ T6976] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  186.692436][ T6976] process 'syz.0.303' launched './file1' with NULL argv: empty string added
[  186.706325][ T6979] loop4: detected capacity change from 0 to 4096
[  186.726854][ T6979] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  187.710105][ T7010] loop2: detected capacity change from 0 to 2048
[  189.150378][ T7015] bridge0: port 3(gretap0) entered blocking state
[  189.158480][ T7015] bridge0: port 3(gretap0) entered disabled state
[  189.162151][ T7010] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  189.165278][ T7015] gretap0: entered allmulticast mode
[  189.433006][ T7015] gretap0: entered promiscuous mode
[  189.440442][ T7015] bridge0: port 3(gretap0) entered blocking state
[  189.447552][ T7015] bridge0: port 3(gretap0) entered forwarding state
[  189.489683][   T29] audit: type=1800 audit(1729948178.302:6): pid=7009 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.311" name="bus" dev="loop2" ino=1367 res=0 errno=0
[  189.578334][ T7017] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  189.704430][ T7017] loop0: detected capacity change from 0 to 8
[  189.774716][ T7017] SQUASHFS error: Failed to read block 0x1ea: -5
[  189.781697][ T7017] unable to read xattr id index table
[  191.513158][ T7034] netlink: 4 bytes leftover after parsing attributes in process `syz.2.317'.
[  191.522557][ T7034] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  191.530397][ T7034] batman_adv: batadv0: Removing interface: batadv_slave_0
[  191.890870][ T7034] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.904915][ T7034] batman_adv: batadv0: Removing interface: batadv_slave_1
[  192.774054][ T7056] loop5: detected capacity change from 0 to 512
[  193.321213][ T7059] loop1: detected capacity change from 0 to 1024
[  193.334247][ T7059] ext4: Unknown parameter 'noacl'
[  193.615153][ T7056] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.329: bg 0: block 131: padding at end of block bitmap is not set
[  193.673219][ T7056] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  193.742839][ T7056] EXT4-fs (loop5): 1 truncate cleaned up
[  193.754827][ T7056] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.988219][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  193.994769][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  194.711985][ T7071] loop2: detected capacity change from 0 to 64
[  195.088530][ T5848] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.124741][ T7071] hfs: get root inode failed
[  195.807137][ T7075] loop2: detected capacity change from 0 to 64
[  196.535162][ T7082] syz.5.335 uses obsolete (PF_INET,SOCK_PACKET)
[  198.122221][ T7097] loop4: detected capacity change from 0 to 512
[  198.635117][ T7097] EXT4-fs warning (device loop4): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  199.885477][ T7105] loop3: detected capacity change from 0 to 164
[  200.088838][ T7105] iso9660: Unknown parameter 'fowner'
[  201.854046][ T7123] loop5: detected capacity change from 0 to 1024
[  201.866475][ T7123] ext4: Unknown parameter 'noacl'
[  202.163851][ T5849] Bluetooth: hci1: command 0x0406 tx timeout
[  202.170771][ T5849] Bluetooth: hci3: command 0x0406 tx timeout
[  202.176812][ T5849] Bluetooth: hci4: command 0x0405 tx timeout
[  202.183392][ T5849] Bluetooth: hci0: command 0x0406 tx timeout
[  202.189521][ T5849] Bluetooth: hci2: command 0x0406 tx timeout
[  202.306000][ T7127] warning: `syz.1.348' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  202.383108][ T7126] loop0: detected capacity change from 0 to 512
[  203.426724][ T7144] overlayfs: failed to resolve './file2': -2
[  203.692560][ T7126] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  204.623460][ T5852] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.197009][ T7160] loop0: detected capacity change from 0 to 8
[  205.230035][ T7161] loop5: detected capacity change from 0 to 1024
[  205.656125][ T7160] SQUASHFS error: Failed to read block 0x1ea: -5
[  205.870811][ T7160] unable to read xattr id index table
[  206.416458][   T52] hfsplus: b-tree write err: -5, ino 4
[  207.249237][ T7184] loop0: detected capacity change from 0 to 1024
[  207.261347][ T7184] ext4: Unknown parameter 'noacl'
[  207.940428][ T7203] netlink: 80 bytes leftover after parsing attributes in process `syz.3.369'.
[  209.612119][ T7212] loop0: detected capacity change from 0 to 4096
[  209.675663][ T7212] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[  209.802861][ T7212] ntfs3(loop0): $AttrDef is corrupted.
[  209.934522][ T7220] loop2: detected capacity change from 0 to 256
[  211.177791][   T29] audit: type=1800 audit(1729948200.002:7): pid=7224 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.381" name="file1" dev="loop2" ino=1048609 res=0 errno=0
[  215.518848][ T7297] loop2: detected capacity change from 0 to 512
[  215.878870][ T7297] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.410: bg 0: block 131: padding at end of block bitmap is not set
[  215.902792][ T7297] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  215.934091][ T7297] EXT4-fs (loop2): 1 truncate cleaned up
[  215.966332][ T7297] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.371567][ T5836] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.878070][ T7337] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  218.887900][ T7337] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  220.469705][ T7347] loop0: detected capacity change from 0 to 512
[  221.800520][ T7347] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.825627][ T7347] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  221.949448][ T7347] netlink: 20 bytes leftover after parsing attributes in process `syz.0.423'.
[  221.995455][ T7366] loop4: detected capacity change from 0 to 512
[  222.048807][ T7366] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.429: bg 0: block 131: padding at end of block bitmap is not set
[  222.233437][ T5852] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.326906][ T7366] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  222.347096][ T7366] EXT4-fs (loop4): 1 truncate cleaned up
[  222.368673][ T7366] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.678448][ T7390] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  223.688235][ T7390] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  224.304937][ T5844] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.538898][ T7396] loop0: detected capacity change from 0 to 256
[  224.624522][ T7398] loop3: detected capacity change from 0 to 256
[  225.779790][   T29] audit: type=1326 audit(1729948214.492:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7399 comm="syz.4.440" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb8fc37e719 code=0x0
[  225.843347][ T7406] tty tty28: ldisc open failed (-12), clearing slot 27
[  231.552797][ T7445] loop4: detected capacity change from 0 to 512
[  232.404409][ T7445] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.452: bg 0: block 131: padding at end of block bitmap is not set
[  232.654007][ T7445] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  232.672106][ T7445] EXT4-fs (loop4): 1 truncate cleaned up
[  232.679463][ T7445] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.510323][ T7469] loop3: detected capacity change from 0 to 256
[  235.299304][ T5844] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.492385][ T7485] netlink: 4 bytes leftover after parsing attributes in process `syz.0.462'.
[  235.653030][ T7485] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.908298][ T7488] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  235.919641][ T7488] FAT-fs (loop3): Filesystem has been set read-only
[  235.929643][ T7488] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  235.940020][ T7488] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  235.979939][ T7485] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.997471][   T29] audit: type=1800 audit(1729948225.052:9): pid=7488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.458" name="file1" dev="loop3" ino=1048610 res=0 errno=0
[  236.398636][ T7485] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  236.406192][ T7485] batman_adv: batadv0: Removing interface: batadv_slave_1
[  237.027834][ T7495] netlink: 32 bytes leftover after parsing attributes in process `syz.4.457'.
[  238.158757][ T7508] loop3: detected capacity change from 0 to 512
[  238.510417][ T7508] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.470: bg 0: block 131: padding at end of block bitmap is not set
[  238.807325][ T7508] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  238.826740][ T7508] EXT4-fs (loop3): 1 truncate cleaned up
[  239.571330][ T7508] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.308917][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.853058][ T7557] netlink: 4 bytes leftover after parsing attributes in process `syz.3.484'.
[  245.114060][ T7590] loop1: detected capacity change from 0 to 512
[  245.205194][ T7590] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.492: bg 0: block 131: padding at end of block bitmap is not set
[  245.549853][ T7590] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  245.561009][ T7590] EXT4-fs (loop1): 1 truncate cleaned up
[  245.567954][ T7590] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.647200][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.768230][   T46] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  247.828311][ T7615] netlink: 4 bytes leftover after parsing attributes in process `syz.2.499'.
[  247.896357][ T7617] netlink: 'syz.1.501': attribute type 72 has an invalid length.
[  247.928459][ T7617] netlink: 12 bytes leftover after parsing attributes in process `syz.1.501'.
[  248.443771][ T7623] netlink: 36 bytes leftover after parsing attributes in process `syz.1.501'.
[  248.616899][   T46] usb 1-1: unable to get BOS descriptor or descriptor too short
[  249.253007][   T46] usb 1-1: not running at top speed; connect to a high speed hub
[  249.292163][   T46] usb 1-1: config 5 has an invalid interface number: 75 but max is 0
[  249.303459][   T46] usb 1-1: config 5 has no interface number 0
[  249.310183][   T46] usb 1-1: config 5 interface 75 altsetting 128 endpoint 0xD has invalid maxpacket 512, setting to 64
[  249.325237][   T46] usb 1-1: config 5 interface 75 has no altsetting 0
[  249.599659][   T46] usb 1-1: New USB device found, idVendor=1608, idProduct=030b, bcdDevice=fc.ae
[  249.609988][   T46] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.619856][   T46] usb 1-1: Product: syz
[  249.625150][   T46] usb 1-1: Manufacturer: syz
[  249.630455][   T46] usb 1-1: SerialNumber: syz
[  249.653669][ T7610] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  250.063021][   T46] io_ti 1-1:5.75: required endpoints missing
[  250.081838][   T46] usb 1-1: USB disconnect, device number 2
[  251.992212][ T7653] hub 6-0:1.0: USB hub found
[  251.998638][ T7653] hub 6-0:1.0: 1 port detected
[  252.489373][ T7654] input: syz1 as /devices/virtual/input/input5
[  253.350408][ T7659] loop2: detected capacity change from 0 to 512
[  254.515808][ T7659] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.513: bg 0: block 131: padding at end of block bitmap is not set
[  254.836461][ T7672] netlink: 4 bytes leftover after parsing attributes in process `syz.0.515'.
[  254.927288][ T7659] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  255.086737][ T7659] EXT4-fs (loop2): 1 truncate cleaned up
[  255.136015][ T7659] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.435115][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  255.441621][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  257.641451][ T5836] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.233450][ T7703] netlink: 60 bytes leftover after parsing attributes in process `syz.3.524'.
[  259.242790][ T7703] unsupported nlmsg_type 40
[  260.048518][ T7711] random: crng reseeded on system resumption
[  260.126373][ T7713] loop3: detected capacity change from 0 to 1024
[  260.201819][ T7713] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  260.370488][ T7713] JBD2: no valid journal superblock found
[  260.833865][ T7720] loop2: detected capacity change from 0 to 1024
[  260.845781][ T7720] ext4: Unknown parameter 'noacl'
[  261.406174][ T7713] EXT4-fs (loop3): Could not load journal inode
[  261.526732][ T7713] loop3: detected capacity change from 0 to 512
[  262.604265][ T7735] loop4: detected capacity change from 0 to 512
[  262.755996][ T7713] loop3: detected capacity change from 0 to 512
[  262.962990][ T7734] netlink: 'syz.2.533': attribute type 25 has an invalid length.
[  263.125315][ T5839] Bluetooth: hci1: unexpected event for opcode 0x0c13
[  263.449468][ T7735] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.534: bg 0: block 131: padding at end of block bitmap is not set
[  263.509884][ T7735] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  263.522522][ T7735] EXT4-fs (loop4): 1 truncate cleaned up
[  263.529499][ T7735] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.980132][ T5844] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.443357][ T7775] loop4: detected capacity change from 0 to 512
[  266.484040][ T7775] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.497891][ T7775] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  266.526236][ T7775] netlink: 68 bytes leftover after parsing attributes in process `syz.4.547'.
[  266.695194][ T7782] random: crng reseeded on system resumption
[  266.913071][ T5844] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.146513][ T5839] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  267.157576][ T5839] Bluetooth: hci1: Injecting HCI hardware error event
[  267.166802][ T5839] Bluetooth: hci1: hardware error 0x00
[  268.331214][ T7792] loop3: detected capacity change from 0 to 256
[  269.399834][ T7803] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  269.411289][ T7803] FAT-fs (loop3): Filesystem has been set read-only
[  269.420829][ T7803] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  269.432238][ T7803] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  269.982660][   T29] audit: type=1800 audit(1729948258.542:10): pid=7803 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.552" name="file1" dev="loop3" ino=1048611 res=0 errno=0
[  270.020141][ T5839] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  273.361015][ T7818] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  274.325800][   T46] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  274.369905][   T46] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  274.532391][    T8] usb 4-1: new low-speed USB device number 2 using dummy_hcd
[  274.784788][    T8] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  274.888398][ T1910] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[  274.932085][    T8] usb 4-1: New USB device found, idVendor=0b05, idProduct=171f, bcdDevice=62.f0
[  274.942203][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.593600][    T8] usb 4-1: config 0 descriptor??
[  275.701830][ T7846] loop1: detected capacity change from 0 to 256
[  275.855026][    T8] dvb-usb: found a 'ASUS My Cinema U3000 Mini DVBT Tuner' in cold state, will try to load a firmware
[  275.916666][ T1910] usb 3-1: unable to get BOS descriptor or descriptor too short
[  275.925546][ T1910] usb 3-1: no configurations
[  276.015552][ T1910] usb 3-1: can't read configurations, error -22
[  276.093688][ T7850] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  276.104146][ T7850] FAT-fs (loop1): Filesystem has been set read-only
[  276.111009][ T7850] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  276.121545][ T7850] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  276.187872][   T29] audit: type=1800 audit(1729948265.232:11): pid=7850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.572" name="file1" dev="loop1" ino=1048612 res=0 errno=0
[  276.433966][    T8] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  276.442374][    T8] dib0700: firmware download failed at 7 with -22
[  276.454439][    T8] usb 4-1: USB disconnect, device number 2
[  277.950566][ T7864] overlayfs: overlapping lowerdir path
[  280.058128][    T8] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  280.352919][    T8] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  280.371118][ T7886] loop2: detected capacity change from 0 to 512
[  280.388951][    T8] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  280.432576][    T8] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  280.446627][ T7886] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.487920][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  280.548337][ T7886] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  281.245441][ T7886] netlink: 28 bytes leftover after parsing attributes in process `syz.2.584'.
[  281.407821][    T8] usb 4-1: SerialNumber: syz
[  281.674182][    T8] usb 4-1: 0:2 : does not exist
[  281.699853][    T8] usb 4-1: 5:0: failed to get current value for ch 1 (-22)
[  281.716429][    T8] usb 4-1: 5:0: failed to get current value for ch 2 (-22)
[  282.706787][    T8] usb 4-1: 5:0: failed to get current value for ch 5 (-22)
[  282.722551][    T8] usb 4-1: 5:0: failed to get current value for ch 13 (-22)
[  283.012772][ T5836] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.287977][    T8] usb 4-1: USB disconnect, device number 3
[  284.926178][ T7971] netlink: 4 bytes leftover after parsing attributes in process `syz.4.591'.
[  284.974889][ T6176] udevd[6176]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  286.213620][ T7988] loop5: detected capacity change from 0 to 1024
[  286.291623][ T7988] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  286.340233][ T7988] JBD2: no valid journal superblock found
[  286.363274][ T7988] EXT4-fs (loop5): Could not load journal inode
[  286.446069][ T7988] loop5: detected capacity change from 0 to 512
[  286.552679][ T7988] loop5: detected capacity change from 0 to 512
[  286.567052][ T7999] loop4: detected capacity change from 0 to 512
[  286.623653][   T54] Bluetooth: hci3: unexpected event for opcode 0x0c13
[  286.699098][ T7999] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.811582][ T7999] ext4 filesystem being mounted at /86/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  287.462760][ T8009] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  288.024023][ T8003] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  288.041571][ T5839] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  288.061315][ T5839] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  288.322533][ T5839] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  288.346077][ T5839] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  288.347013][ T7999] netlink: 28 bytes leftover after parsing attributes in process `syz.4.600'.
[  288.368783][ T5839] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  288.377012][ T5839] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  289.150982][ T7996] SET target dimension over the limit!
[  289.223597][ T5844] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.885829][ T8042] loop4: detected capacity change from 0 to 512
[  290.985594][ T5856] Bluetooth: hci6: command tx timeout
[  290.992307][ T5856] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  291.002673][ T5856] Bluetooth: hci3: Injecting HCI hardware error event
[  291.012974][ T5856] Bluetooth: hci3: hardware error 0x00
[  291.993160][ T8042] EXT4-fs warning (device loop4): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  292.326947][ T8010] chnl_net:caif_netlink_parms(): no params data found
[  293.241354][   T54] Bluetooth: hci6: command tx timeout
[  293.370820][ T8057] loop4: detected capacity change from 0 to 512
[  293.529620][ T8057] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  293.587917][ T8057] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  294.017980][ T5856] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  294.244597][ T8057] netlink: 28 bytes leftover after parsing attributes in process `syz.4.618'.
[  294.376477][ T5844] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.399561][ T8010] bridge0: port 1(bridge_slave_0) entered blocking state
[  294.417206][ T8010] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.437597][ T8010] bridge_slave_0: entered allmulticast mode
[  294.485390][ T8010] bridge_slave_0: entered promiscuous mode
[  295.367626][ T5856] Bluetooth: hci6: command tx timeout
[  295.451846][ T7958] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.704487][ T7958] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.035747][ T8010] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.043161][ T8010] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.050590][ T8010] bridge_slave_1: entered allmulticast mode
[  296.057884][ T8010] bridge_slave_1: entered promiscuous mode
[  296.609084][   T29] audit: type=1326 audit(1729948285.562:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8112 comm="syz.3.633" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff054b7e719 code=0x0
[  296.845768][ T7958] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.228032][ T8124] loop1: detected capacity change from 0 to 512
[  297.251345][ T7958] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  297.317918][ T8010] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  297.365897][ T8010] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  297.403231][ T8124] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.426039][ T5856] Bluetooth: hci6: command tx timeout
[  297.442881][ T8124] ext4 filesystem being mounted at /134/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  297.542496][ T8124] netlink: 28 bytes leftover after parsing attributes in process `syz.1.636'.
[  297.590530][ T8124] netlink: 8 bytes leftover after parsing attributes in process `syz.1.636'.
[  297.687543][ T8010] team0: Port device team_slave_0 added
[  297.735914][ T8010] team0: Port device team_slave_1 added
[  297.758574][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.956378][ T8010] batman_adv: batadv0: Adding interface: batadv_slave_0
[  297.986474][ T8010] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.070236][ T8010] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  298.133642][ T8010] batman_adv: batadv0: Adding interface: batadv_slave_1
[  298.169870][ T8010] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  298.254589][ T8010] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  299.714670][ T8010] hsr_slave_0: entered promiscuous mode
[  299.759842][ T8010] hsr_slave_1: entered promiscuous mode
[  299.882725][ T8010] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  299.895538][ T8010] Cannot create hsr debugfs directory
[  299.932343][ T8158] netlink: 16 bytes leftover after parsing attributes in process `syz.1.647'.
[  300.009108][ T8166] loop2: detected capacity change from 0 to 512
[  300.024616][ T8158] netlink: 8 bytes leftover after parsing attributes in process `syz.1.647'.
[  300.049696][ T8158] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  300.059064][ T8158] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  300.172677][ T8166] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.206797][ T8158] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  300.237196][ T8166] ext4 filesystem being mounted at /111/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  300.257947][ T8158] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  301.217654][ T8158] geneve2: entered allmulticast mode
[  302.390232][ T7958] bridge_slave_1: left allmulticast mode
[  302.408325][ T7958] bridge_slave_1: left promiscuous mode
[  302.454454][ T7958] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.499907][ T7958] bridge_slave_0: left allmulticast mode
[  302.520622][ T7958] bridge_slave_0: left promiscuous mode
[  302.548087][ T7958] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.556541][ T8131] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  304.821474][ T7958] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  304.843466][ T7958] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  304.856602][ T7958] bond0 (unregistering): Released all slaves
[  304.951647][ T8166] netlink: 28 bytes leftover after parsing attributes in process `syz.2.651'.
[  304.960909][ T8166] netlink: 8 bytes leftover after parsing attributes in process `syz.2.651'.
[  305.094546][ T5836] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.092228][ T8253] fuse: Bad value for 'fd'
[  308.544550][ T8265] loop5: detected capacity change from 0 to 512
[  308.806680][ T8265] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  308.867184][ T7958] hsr_slave_0: left promiscuous mode
[  308.954684][ T8265] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.045628][ T7958] hsr_slave_1: left promiscuous mode
[  309.105229][ T7958] veth1_macvtap: left promiscuous mode
[  309.149144][ T7958] veth0_macvtap: left promiscuous mode
[  309.179454][ T7958] veth1_vlan: left promiscuous mode
[  309.197816][ T7958] veth0_vlan: left promiscuous mode
[  309.332014][ T8293] netlink: 100 bytes leftover after parsing attributes in process `syz.3.678'.
[  312.661068][ T8322] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  312.712027][ T8322] qnx6: wrong signature (magic) in superblock #1.
[  312.720608][ T8322] qnx6: unable to read the first superblock
[  313.297456][ T8282] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  314.805930][ T7958] team0 (unregistering): Port device team_slave_1 removed
[  314.893725][ T8330] netlink: 100 bytes leftover after parsing attributes in process `syz.3.691'.
[  315.114791][ T7958] team0 (unregistering): Port device team_slave_0 removed
[  316.740520][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  316.747094][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  317.092874][ T8265] netlink: 28 bytes leftover after parsing attributes in process `syz.5.673'.
[  317.113006][ T8265] netlink: 8 bytes leftover after parsing attributes in process `syz.5.673'.
[  317.223055][ T5848] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.239297][   T29] audit: type=1326 audit(1729948307.292:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8344 comm="syz.5.695" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd01897e719 code=0x0
[  318.974879][ T8010] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  319.021466][ T8371] netlink: 100 bytes leftover after parsing attributes in process `syz.1.703'.
[  319.344018][ T8010] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  319.921038][ T8378] loop1: detected capacity change from 0 to 512
[  319.984108][ T8378] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.047339][ T8010] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  320.068420][ T8378] ext4 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  320.100628][ T8010] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  321.245347][ T8378] netlink: 28 bytes leftover after parsing attributes in process `syz.1.706'.
[  321.430004][ T8398] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 112
[  321.518950][ T8010] 8021q: adding VLAN 0 to HW filter on device bond0
[  321.566254][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.591819][ T5856] Bluetooth: hci2: unexpected event for opcode 0x2035
[  321.713664][ T8010] 8021q: adding VLAN 0 to HW filter on device team0
[  321.753460][ T7535] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.760820][ T7535] bridge0: port 1(bridge_slave_0) entered forwarding state
[  321.873726][ T7535] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.880970][ T7535] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.154390][ T8413] netlink: 8 bytes leftover after parsing attributes in process `syz.5.714'.
[  322.174341][ T8413] netlink: 12 bytes leftover after parsing attributes in process `syz.5.714'.
[  323.395790][ T8439] loop2: detected capacity change from 0 to 512
[  325.278435][ T8439] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.362600][ T8439] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  325.585348][ T8439] netlink: 28 bytes leftover after parsing attributes in process `syz.2.723'.
[  325.598069][  T962] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  325.619440][ T5856] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  325.688613][ T8010] 8021q: adding VLAN 0 to HW filter on device batadv0
[  325.702326][ T5836] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.711801][ T5856] Bluetooth: hci2: Injecting HCI hardware error event
[  325.714194][ T5856] Bluetooth: hci2: hardware error 0x00
[  325.784458][  T962] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  325.792891][  T962] usb 4-1: config 0 has an invalid interface number: 4 but max is 0
[  325.801509][  T962] usb 4-1: config 0 has 2 interfaces, different from the descriptor's value: 1
[  325.821820][  T962] usb 4-1: config 0 has no interface number 0
[  326.016179][  T962] usb 4-1: config 0 has no interface number 1
[  326.022647][  T962] usb 4-1: too many endpoints for config 0 interface 4 altsetting 5: 219, using maximum allowed: 30
[  326.034345][  T962] usb 4-1: config 0 interface 4 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 219
[  326.049358][  T962] usb 4-1: config 0 interface 4 has no altsetting 0
[  327.593830][ T8483] QAT: failed to copy from user.
[  328.078236][ T5856] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  328.429885][  T962] usb 4-1: New USB device found, idVendor=cc35, idProduct=693f, bcdDevice=e7.0f
[  328.442941][  T962] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  329.224191][  T962] usb 4-1: config 0 descriptor??
[  329.237972][  T962] usb 4-1: can't set config #0, error -71
[  329.272179][  T962] usb 4-1: USB disconnect, device number 4
[  329.518066][ T5908] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  329.570670][ T8511] loop1: detected capacity change from 0 to 512
[  329.598214][ T8010] veth0_vlan: entered promiscuous mode
[  329.647535][ T8010] veth1_vlan: entered promiscuous mode
[  329.685236][ T8511] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  329.697943][ T5908] usb 3-1: Using ep0 maxpacket: 32
[  329.718865][ T5908] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  329.752196][ T8511] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  329.757305][ T5908] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  329.777187][ T5908] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  329.787556][ T5908] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  329.797526][ T5908] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  329.807369][ T5908] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  329.821074][ T5908] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  329.831109][ T5908] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.845178][ T5908] usb 3-1: config 0 descriptor??
[  329.938426][ T8010] veth0_macvtap: entered promiscuous mode
[  329.940426][ T5900] libceph: connect (1)[c::]:6789 error -101
[  329.960739][ T5900] libceph: mon0 (1)[c::]:6789 connect error
[  329.989260][ T5900] libceph: connect (1)[c::]:6789 error -101
[  329.997263][ T5900] libceph: mon0 (1)[c::]:6789 connect error
[  330.007514][ T8010] veth1_macvtap: entered promiscuous mode
[  330.052359][ T8524] sg_write: process 431 (syz.3.740) changed security contexts after opening file descriptor, this is not allowed.
[  330.064846][ T8511] netlink: 28 bytes leftover after parsing attributes in process `syz.1.737'.
[  330.110285][ T5908] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  330.130061][ T8010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.161116][ T8010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.180038][ T8010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  330.200884][ T8010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.220768][ T8010] batman_adv: batadv0: Interface activated: batadv_slave_0
[  330.251425][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.256888][ T8010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  330.265676][ T5900] libceph: connect (1)[c::]:6789 error -101
[  330.280316][ T5900] libceph: mon0 (1)[c::]:6789 connect error
[  330.317761][ T8010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.367599][ T8010] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  330.427031][ T8010] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  330.466704][ T8010] batman_adv: batadv0: Interface activated: batadv_slave_1
[  330.584180][ T8010] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  330.600522][ T8518] ceph: No mds server is up or the cluster is laggy
[  330.643114][ T8010] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  330.695083][ T8010] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  330.743940][ T8010] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  330.761693][    C0] usblp0: nonzero read bulk status received: -71
[  330.770901][ T5896] usb 3-1: USB disconnect, device number 4
[  330.992217][   T29] audit: type=1326 audit(1729948320.092:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8532 comm="syz.1.744" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe5c617e719 code=0x0
[  331.104168][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.143061][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  331.292758][ T3465] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.324194][ T3465] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  331.454593][ T8545] netlink: 36 bytes leftover after parsing attributes in process `syz.3.746'.
[  331.499678][ T8545] netlink: 444 bytes leftover after parsing attributes in process `syz.3.746'.
[  331.531347][ T8545] netlink: 36 bytes leftover after parsing attributes in process `syz.3.746'.
[  332.220490][ T8533] usblp0: removed
[  333.166361][ T8568] ubi0: attaching mtd0
[  333.170895][ T8568] ubi0 error: ubi_attach_mtd_dev: bad VID header (8454144) or data offsets (8454208)
[  334.059122][ T8560] binder: 8559:8560 ioctl c0306201 20000940 returned -14
[  334.622219][ T8579] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  335.216879][ T8588] loop3: detected capacity change from 0 to 512
[  335.698674][ T8588] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.758272][ T8588] ext4 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  335.851985][ T8588] netlink: 28 bytes leftover after parsing attributes in process `syz.3.755'.
[  336.993878][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.851505][ T8651] SET target dimension over the limit!
[  339.909159][ T8643] Cannot find map_set index 0 as target
[  340.077083][ T8668] loop3: detected capacity change from 0 to 512
[  340.162004][ T8668] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  340.200001][ T8668] ext4 filesystem being mounted at /151/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  340.242403][ T8668] netlink: 28 bytes leftover after parsing attributes in process `syz.3.775'.
[  340.374880][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.109658][ T8685] openvswitch: netlink: Key 6 has unexpected len 218 expected 2
[  341.132285][ T8685] kernel profiling enabled (shift: 0)
[  342.004340][ T8685] syz.4.779: vmalloc error: size 738197504, failed to allocated page array size 1441792, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  342.026278][ T8685] CPU: 1 UID: 0 PID: 8685 Comm: syz.4.779 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  342.037019][ T8685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  342.047318][ T8685] Call Trace:
[  342.050661][ T8685]  <TASK>
[  342.053734][ T8685]  dump_stack_lvl+0x241/0x360
[  342.058472][ T8685]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.063808][ T8685]  ? __pfx__printk+0x10/0x10
[  342.068534][ T8685]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  342.075081][ T8685]  ? srso_alias_return_thunk+0x5/0xfbef5
[  342.080866][ T8685]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  342.087427][ T8685]  warn_alloc+0x278/0x410
[  342.091809][ T8685]  ? __pfx_warn_alloc+0x10/0x10
[  342.096847][ T8685]  ? profile_init+0xb1/0x100
[  342.101675][ T8685]  ? srso_alias_return_thunk+0x5/0xfbef5
[  342.107375][ T8685]  ? srso_alias_return_thunk+0x5/0xfbef5
[  342.113345][ T8685]  ? __get_vm_area_node+0x23d/0x270
[  342.118717][ T8685]  __vmalloc_node_range_noprof+0x691/0x13f0
[  342.124796][ T8685]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  342.131171][ T8685]  ? rcu_is_watching+0x15/0xb0
[  342.135983][ T8685]  ? rcu_is_watching+0x15/0xb0
[  342.140795][ T8685]  ? profile_init+0xb1/0x100
[  342.145459][ T8685]  ? __pfx_sysfs_kf_write+0x10/0x10
[  342.150757][ T8685]  vzalloc_noprof+0x79/0x90
[  342.155390][ T8685]  ? profile_init+0xb1/0x100
[  342.160137][ T8685]  profile_init+0xb1/0x100
[  342.164614][ T8685]  profiling_store+0x6c/0xf0
[  342.169243][ T8685]  kernfs_fop_write_iter+0x3a2/0x500
[  342.174692][ T8685]  vfs_write+0xaed/0xd30
[  342.178965][ T8685]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  342.184825][ T8685]  ? __pfx_vfs_write+0x10/0x10
[  342.189621][ T8685]  ? srso_alias_return_thunk+0x5/0xfbef5
[  342.195529][ T8685]  ? srso_alias_return_thunk+0x5/0xfbef5
[  342.201220][ T8685]  ? fdget_pos+0x24e/0x320
[  342.205678][ T8685]  ksys_write+0x183/0x2b0
[  342.210045][ T8685]  ? __pfx_ksys_write+0x10/0x10
[  342.214925][ T8685]  ? do_syscall_64+0x100/0x230
[  342.219725][ T8685]  ? do_syscall_64+0xb6/0x230
[  342.224436][ T8685]  do_syscall_64+0xf3/0x230
[  342.228970][ T8685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.234883][ T8685] RIP: 0033:0x7fb8fc37e719
[  342.239406][ T8685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.259034][ T8685] RSP: 002b:00007fb8fbdde038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  342.267852][ T8685] RAX: ffffffffffffffda RBX: 00007fb8fc536130 RCX: 00007fb8fc37e719
[  342.275867][ T8685] RDX: 0000000000000012 RSI: 0000000020000100 RDI: 0000000000000008
[  342.283854][ T8685] RBP: 00007fb8fc3f132e R08: 0000000000000000 R09: 0000000000000000
[  342.291844][ T8685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  342.299825][ T8685] R13: 0000000000000000 R14: 00007fb8fc536130 R15: 00007ffeefb40ad8
[  342.307827][ T8685]  </TASK>
[  342.311994][ T8685] Mem-Info:
[  342.315139][ T8685] active_anon:9441 inactive_anon:0 isolated_anon:0
[  342.315139][ T8685]  active_file:1716 inactive_file:38305 isolated_file:0
[  342.315139][ T8685]  unevictable:768 dirty:235 writeback:0
[  342.315139][ T8685]  slab_reclaimable:10398 slab_unreclaimable:101984
[  342.315139][ T8685]  mapped:28019 shmem:4271 pagetables:881
[  342.315139][ T8685]  sec_pagetables:0 bounce:0
[  342.315139][ T8685]  kernel_misc_reclaimable:0
[  342.315139][ T8685]  free:1311590 free_pcp:5577 free_cma:0
[  342.383102][ T8685] Node 0 active_anon:37864kB inactive_anon:0kB active_file:6828kB inactive_file:153144kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:112076kB dirty:940kB writeback:0kB shmem:15548kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11756kB pagetables:3524kB sec_pagetables:0kB all_unreclaimable? no
[  342.416486][ T8685] Node 1 active_anon:0kB inactive_anon:0kB active_file:36kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  342.448755][ T8685] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  342.476860][ T8685] lowmem_reserve[]: 0 2463 2464 0 0
[  342.483223][ T8685] Node 0 DMA32 free:1435032kB boost:0kB min:34184kB low:42728kB high:51272kB reserved_highatomic:0KB active_anon:38528kB inactive_anon:0kB active_file:6828kB inactive_file:152576kB unevictable:1536kB writepending:940kB present:3129332kB managed:2550460kB mlocked:0kB bounce:0kB free_pcp:2176kB local_pcp:1452kB free_cma:0kB
[  342.513846][ T8685] lowmem_reserve[]: 0 0 0 0 0
[  342.519689][ T8685] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:568kB unevictable:0kB writepending:0kB present:1048580kB managed:620kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:12kB free_cma:0kB
[  342.547543][ T8685] lowmem_reserve[]: 0 0 0 0 0
[  342.552697][ T8685] Node 1 Normal free:3800972kB boost:0kB min:55708kB low:69632kB high:83556kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:36kB inactive_file:76kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:14948kB local_pcp:6076kB free_cma:0kB
[  342.582428][ T8685] lowmem_reserve[]: 0 0 0 0 0
[  342.587243][ T8685] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  342.600336][ T8685] Node 0 DMA32: 665*4kB (UME) 564*8kB (UME) 236*16kB (UME) 179*32kB (UME) 143*64kB (UME) 105*128kB (UME) 51*256kB (UM) 32*512kB (UME) 9*1024kB (UME) 7*2048kB (UME) 329*4096kB (UM) = 1439844kB
[  342.620639][ T8685] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  342.632376][ T8685] Node 1 Normal: 4*4kB (UME) 7*8kB (UME) 8*16kB (ME) 10*32kB (ME) 11*64kB (UME) 5*128kB (ME) 4*256kB (M) 4*512kB (ME) 1*1024kB (M) 3*2048kB (UME) 925*4096kB (M) = 3800904kB
[  342.650632][ T8685] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  342.660585][ T8685] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  342.671208][ T8685] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  342.681215][ T8685] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  342.690591][ T8685] 44287 total pagecache pages
[  342.695395][ T8685] 0 pages in swap cache
[  342.699624][ T8685] Free swap  = 124472kB
[  342.703900][ T8685] Total swap = 124996kB
[  342.708174][ T8685] 2097051 pages RAM
[  342.712017][ T8685] 0 pages HighMem/MovableOnly
[  342.716911][ T8685] 427650 pages reserved
[  342.722112][ T8685] 0 pages cma reserved
[  343.178059][ T5900] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  343.489438][ T5900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  343.733009][ T5900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  343.823959][ T5900] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  343.917403][ T5900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.028185][ T5900] usb 4-1: config 0 descriptor??
[  344.081464][ T5900] usb 4-1: can't set config #0, error -71
[  344.211173][ T8712] loop1: detected capacity change from 0 to 512
[  344.465376][ T8712] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  344.492801][ T8711] SET target dimension over the limit!
[  344.555053][ T5900] usb 4-1: USB disconnect, device number 5
[  344.566546][ T8712] ext4 filesystem being mounted at /158/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  345.441882][ T8712] netlink: 28 bytes leftover after parsing attributes in process `syz.1.789'.
[  346.554745][ T5856] Bluetooth: hci6: unexpected event 0x0f length: 70 > 4
[  346.635255][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.856454][ T8751] openvswitch: netlink: Key 6 has unexpected len 218 expected 2
[  349.180746][ T8784] loop3: detected capacity change from 0 to 512
[  349.411287][ T8796] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  349.501464][ T8796] loop4: detected capacity change from 0 to 8
[  349.950563][ T8796] SQUASHFS error: Failed to read block 0x1ea: -5
[  349.957334][ T8796] unable to read xattr id index table
[  350.153278][ T8784] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.232726][ T8794] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  350.267230][ T8784] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  350.375232][ T8784] netlink: 20 bytes leftover after parsing attributes in process `syz.3.809'.
[  350.706018][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.798980][ T5915] usb 5-1: new low-speed USB device number 2 using dummy_hcd
[  352.165629][ T5915] usb 5-1: config index 0 descriptor too short (expected 1307, got 27)
[  352.188720][ T5915] usb 5-1: config 0 has an invalid interface number: 0 but max is -1
[  352.307137][ T5915] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0
[  352.342974][ T5915] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  352.738559][ T5915] usb 5-1: string descriptor 0 read error: -22
[  352.744907][ T5915] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de
[  352.780003][ T5915] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.881942][ T5915] usb 5-1: config 0 descriptor??
[  352.889821][ T8818] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  353.030403][ T8857] input: syz0 as /devices/virtual/input/input9
[  353.351509][   T29] audit: type=1326 audit(1729948342.362:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8845 comm="syz.1.826" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe5c617e719 code=0x0
[  353.795458][ T5915] hub 5-1:0.0: bad descriptor, ignoring hub
[  353.801601][ T5915] hub 5-1:0.0: probe with driver hub failed with error -5
[  353.818829][ T5915] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input10
[  353.841449][ T5915] usb 5-1: USB disconnect, device number 2
[  353.841459][    C0] usb_acecad 5-1:0.0: can't resubmit intr, dummy_hcd.4-1/input0, status -19
[  354.052480][ T8868] loop2: detected capacity change from 0 to 512
[  354.129338][ T8868] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.175540][ T8868] ext4 filesystem being mounted at /152/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  354.251197][ T8882] netlink: 20 bytes leftover after parsing attributes in process `syz.2.833'.
[  354.400706][ T5856] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[  354.409631][ T5856] Bluetooth: hci6: Injecting HCI hardware error event
[  354.420870][ T5856] Bluetooth: hci6: hardware error 0x00
[  356.484912][ T5836] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.900604][ T5856] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  357.795958][ T5856] Bluetooth: Unknown LE signaling command 0x36
[  357.803386][ T5856] Bluetooth: Wrong link type (-22)
[  361.456168][ T8998] loop4: detected capacity change from 0 to 256
[  362.249435][ T9013] loop3: detected capacity change from 0 to 1024
[  362.256766][ T9013] ext4: Unknown parameter 'noacl'
[  363.233022][ T9031] No such timeout policy "syz0"
[  363.331391][ T9033] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  363.610714][ T9033] FAT-fs (loop4): Filesystem has been set read-only
[  363.748738][ T9033] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  363.900322][ T9033] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  364.720811][   T29] audit: type=1800 audit(1729948353.622:16): pid=9033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.875" name="file1" dev="loop4" ino=1048617 res=0 errno=0
[  365.573257][ T9068] Cannot find map_set index 0 as target
[  365.891326][ T9073] loop6: detected capacity change from 0 to 1024
[  365.898801][ T9073] ext4: Unknown parameter 'noacl'
[  368.669343][ T9107] No such timeout policy "syz0"
[  369.493624][ T9116] loop5: detected capacity change from 0 to 512
[  371.542008][ T9134] loop2: detected capacity change from 0 to 256
[  372.582293][ T9116] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.912: bg 0: block 131: padding at end of block bitmap is not set
[  372.787802][ T9116] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  372.865297][ T9116] EXT4-fs (loop5): 1 truncate cleaned up
[  372.879032][ T9116] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  373.040234][ T9156] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  373.238306][ T5848] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.257839][ T9156] FAT-fs (loop2): Filesystem has been set read-only
[  373.280735][ T9156] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  374.015629][ T9156] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  374.243177][   T29] audit: type=1800 audit(1729948363.312:17): pid=9156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.913" name="file1" dev="loop2" ino=1048618 res=0 errno=0
[  376.992125][ T9206] loop1: detected capacity change from 0 to 512
[  377.601728][ T9206] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.930: bg 0: block 131: padding at end of block bitmap is not set
[  378.206809][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  378.213500][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  378.265113][ T9206] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  378.343598][ T9223] loop3: detected capacity change from 0 to 256
[  378.358854][ T9206] EXT4-fs (loop1): 1 truncate cleaned up
[  378.368772][ T9206] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.720960][ T9240] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  379.863625][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.003532][ T9240] FAT-fs (loop3): Filesystem has been set read-only
[  380.030317][ T9240] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  380.124667][ T9251] netlink: 8 bytes leftover after parsing attributes in process `syz.1.943'.
[  380.134676][ T9251] netlink: 4 bytes leftover after parsing attributes in process `syz.1.943'.
[  380.194991][ T9240] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  380.416027][   T29] audit: type=1800 audit(1729948369.512:18): pid=9240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.936" name="file1" dev="loop3" ino=1048619 res=0 errno=0
[  381.986974][ T9287] netlink: 12 bytes leftover after parsing attributes in process `syz.2.955'.
[  382.225822][ T9293] loop5: detected capacity change from 0 to 512
[  382.418430][ T9293] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.956: bg 0: block 131: padding at end of block bitmap is not set
[  382.503253][ T9293] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  382.630318][ T9293] EXT4-fs (loop5): 1 truncate cleaned up
[  382.639762][ T9293] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  382.742929][ T9306] netlink: 132 bytes leftover after parsing attributes in process `syz.6.961'.
[  385.610916][ T5848] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.889669][ T9343] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[  386.410220][ T9368] loop6: detected capacity change from 0 to 256
[  387.616961][ T9373] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  387.632119][ T9373] FAT-fs (loop6): Filesystem has been set read-only
[  387.707769][ T9373] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  387.723022][ T9373] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  387.781986][   T29] audit: type=1800 audit(1729948376.842:19): pid=9373 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.976" name="file1" dev="loop6" ino=1048620 res=0 errno=0
[  387.945753][ T9372] netlink: 12 bytes leftover after parsing attributes in process `syz.2.977'.
[  388.819985][ T9379] ubi0: attaching mtd0
[  388.832401][ T9379] ubi0: scanning is finished
[  388.837286][ T9379] ubi0: empty MTD device detected
[  389.766412][ T9379] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  389.896990][ T9386] loop3: detected capacity change from 0 to 512
[  390.131158][ T9378] delete_channel: no stack
[  390.603383][ T9386] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.981: bg 0: block 131: padding at end of block bitmap is not set
[  390.648362][ T9386] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  390.769695][ T9386] EXT4-fs (loop3): 1 truncate cleaned up
[  390.776394][ T9386] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  394.774269][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  395.163961][ T9440] overlayfs: overlapping lowerdir path
[  399.846916][ T9504] loop2: detected capacity change from 0 to 512
[  399.965121][ T9504] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1006: bg 0: block 131: padding at end of block bitmap is not set
[  400.007033][ T9504] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  400.017336][ T9504] EXT4-fs (loop2): 1 truncate cleaned up
[  400.158468][ T9504] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  402.517910][ T5836] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.295412][ T1910] IPVS: starting estimator thread 0...
[  407.698367][ T9610] IPVS: using max 16 ests per chain, 38400 per kthread
[  407.927175][ T9629] 8021q: adding VLAN 0 to HW filter on device bond1
[  415.358092][ T9767] tipc: Started in network mode
[  415.363121][ T9767] tipc: Node identity ac1414aa, cluster identity 4711
[  415.510304][ T9767] tipc: Enabled bearer <udp:syz2>, priority 10
[  416.638064][ T1910] tipc: Node number set to 2886997162
[  417.680016][ T9792] overlayfs: overlapping lowerdir path
[  419.812552][ T9853] loop5: detected capacity change from 0 to 512
[  420.733969][ T9853] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  421.177889][ T9853] ext4 filesystem being mounted at /174/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  421.323917][ T9853] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1058'.
[  421.474122][ T5848] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.607375][ T9881] loop2: detected capacity change from 0 to 512
[  423.325649][ T9881] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1064: bg 0: block 131: padding at end of block bitmap is not set
[  423.409580][ T9881] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  423.468609][ T9881] EXT4-fs (loop2): 1 truncate cleaned up
[  423.489015][ T9881] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  423.874746][ T9885] overlayfs: overlapping lowerdir path
[  424.261779][ T5836] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  426.095964][ T9923] loop1: detected capacity change from 0 to 512
[  426.250759][ T9923] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  426.349320][ T9923] ext4 filesystem being mounted at /208/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  426.371007][ T9923] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1074'.
[  426.454830][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  426.527602][ T9931] hub 6-0:1.0: USB hub found
[  426.555858][ T9931] hub 6-0:1.0: 1 port detected
[  427.801788][ T9936] loop1: detected capacity change from 0 to 512
[  428.087512][ T9936] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  428.186240][ T9936] ext4 filesystem being mounted at /209/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  428.755225][   T29] audit: type=1800 audit(1729948417.842:20): pid=9935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1076" name="bus" dev="loop1" ino=18 res=0 errno=0
[  429.549665][ T9953] No such timeout policy "syz0"
[  430.597002][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  433.191930][ T9984] loop6: detected capacity change from 0 to 512
[  434.578433][ T9984] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  434.626422][ T9984] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  434.999152][ T9996] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  435.165404][T10007] No such timeout policy "syz0"
[  436.000275][ T9984] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1088'.
[  437.430322][T10018] loop3: detected capacity change from 0 to 512
[  437.559105][    T8] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  437.659295][ T8010] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.678744][T10018] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  437.714860][T10027] hub 6-0:1.0: USB hub found
[  437.721729][T10027] hub 6-0:1.0: 1 port detected
[  437.730024][T10018] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  437.741067][    T8] usb 5-1: Using ep0 maxpacket: 16
[  437.750055][    T8] usb 5-1: config 1 has too many interfaces: 255, using maximum allowed: 32
[  437.763868][    T8] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 255
[  437.775856][    T8] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  437.793674][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.805853][    T8] usb 5-1: Product: syz
[  437.810251][    T8] usb 5-1: Manufacturer: syz
[  437.815545][    T8] usb 5-1: SerialNumber: syz
[  437.838462][    T8] r8152-cfgselector 5-1: Unknown version 0x0000
[  437.907958][   T29] audit: type=1800 audit(1729948426.952:21): pid=10015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1095" name="bus" dev="loop3" ino=18 res=0 errno=0
[  438.270858][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.295432][ T5896] r8152-cfgselector 5-1: USB disconnect, device number 3
[  440.508064][   T29] audit: type=1800 audit(1729948429.092:22): pid=10051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1103" name="bus" dev="overlay" ino=1135 res=0 errno=0
[  441.574939][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  441.581598][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  442.252635][T10063] No such timeout policy "syz0"
[  442.972272][T10061] 8021q: adding VLAN 0 to HW filter on device bond1
[  443.091771][T10072] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1112'.
[  443.183586][T10074] loop1: detected capacity change from 0 to 512
[  443.331053][T10074] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  443.402321][T10074] ext4 filesystem being mounted at /214/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  443.631468][T10078] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  444.242508][T10074] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1111'.
[  444.971619][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  446.318420][T10112] No such timeout policy "syz0"
[  447.877203][T10141] netlink: 52 bytes leftover after parsing attributes in process `syz.6.1127'.
[  449.205676][T10188] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1131'.
[  450.242543][T10199] loop4: detected capacity change from 0 to 512
[  451.752346][T10199] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  451.945971][T10199] ext4 filesystem being mounted at /165/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  455.114188][T10275] netlink: 'syz.6.1142': attribute type 9 has an invalid length.
[  455.209730][T10275] netlink: 209836 bytes leftover after parsing attributes in process `syz.6.1142'.
[  455.340355][T10214] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  455.501172][ T5844] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  456.565044][T10292] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1148'.
[  458.024757][T10309] No such timeout policy "syz0"
[  467.278631][T10430] No such timeout policy "syz0"
[  467.850788][T10449] 8021q: adding VLAN 0 to HW filter on device bond2
[  468.457235][T10453] QAT: failed to copy from user.
[  472.223609][T10496] No such timeout policy "syz0"
[  480.708834][T10549] vlan2: entered promiscuous mode
[  480.714744][T10549] veth1: entered promiscuous mode
[  480.720046][T10549] vlan2: entered allmulticast mode
[  480.725195][T10549] veth1: entered allmulticast mode
[  481.150663][T10551] loop3: detected capacity change from 0 to 512
[  482.143694][T10551] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  482.550666][   T29] audit: type=1326 audit(1729948471.652:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.6.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847537e719 code=0x7ffc0000
[  482.769998][   T29] audit: type=1326 audit(1729948471.682:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.6.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f847537e719 code=0x7ffc0000
[  482.939572][   T29] audit: type=1326 audit(1729948471.682:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.6.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847537e719 code=0x7ffc0000
[  483.500166][T10568] No such timeout policy "syz0"
[  483.680567][   T29] audit: type=1326 audit(1729948471.682:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.6.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847537e719 code=0x7ffc0000
[  484.707539][   T29] audit: type=1326 audit(1729948471.682:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.6.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f847537e719 code=0x7ffc0000
[  485.001497][   T29] audit: type=1326 audit(1729948471.682:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.6.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847537e719 code=0x7ffc0000
[  485.179178][   T29] audit: type=1326 audit(1729948471.682:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.6.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f847537e719 code=0x7ffc0000
[  485.293551][   T29] audit: type=1326 audit(1729948471.682:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.6.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847537e719 code=0x7ffc0000
[  485.842641][   T29] audit: type=1326 audit(1729948471.682:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.6.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f847537d0b0 code=0x7ffc0000
[  486.200361][   T29] audit: type=1326 audit(1729948471.682:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10557 comm="syz.6.1208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f847537e719 code=0x7ffc0000
[  486.789316][T10598] overlayfs: overlapping lowerdir path
[  489.332874][T10623] netlink: 'syz.4.1227': attribute type 9 has an invalid length.
[  489.342252][T10623] netlink: 209836 bytes leftover after parsing attributes in process `syz.4.1227'.
[  490.678828][T10638] TCP: out of memory -- consider tuning tcp_mem
[  500.830316][T10716] openvswitch: netlink: Key 6 has unexpected len 218 expected 2
[  501.159235][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  501.165860][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  508.097291][T10764] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1266'.
[  508.318772][ T5856] Bluetooth: hci0: unexpected event 0x0f length: 70 > 4
[  508.318824][ T5856] Bluetooth: hci0: unexpected event for opcode 0x080b
[  508.626549][T10772] openvswitch: netlink: Key 6 has unexpected len 218 expected 2
[  512.880282][   T29] kauditd_printk_skb: 40 callbacks suppressed
[  512.880311][   T29] audit: type=1326 audit(1729948501.202:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10797 comm="syz.3.1276" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff054b7e719 code=0x0
[  512.943330][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  512.969913][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  512.986160][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  513.129611][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  513.390039][   T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  513.401192][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  513.963471][   T35] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  515.169065][   T35] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  515.586482][   T54] Bluetooth: hci4: command tx timeout
[  515.922812][   T35] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.486259][   T35] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.703340][   T35] bridge_slave_1: left allmulticast mode
[  516.710280][   T35] bridge_slave_1: left promiscuous mode
[  516.716315][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  516.733159][   T35] bridge_slave_0: left allmulticast mode
[  516.740237][   T35] bridge_slave_0: left promiscuous mode
[  516.746125][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  517.617917][   T54] Bluetooth: hci4: command tx timeout
[  519.697820][   T54] Bluetooth: hci4: command tx timeout
[  520.153862][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  520.248146][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  520.314157][   T35] bond0 (unregistering): Released all slaves
[  520.431199][T10839] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  520.747893][T10795] chnl_net:caif_netlink_parms(): no params data found
[  521.777756][   T54] Bluetooth: hci4: command tx timeout
[  522.999998][T10900] netlink: 'syz.5.1300': attribute type 5 has an invalid length.
[  524.085097][T10795] bridge0: port 1(bridge_slave_0) entered blocking state
[  524.147966][T10795] bridge0: port 1(bridge_slave_0) entered disabled state
[  524.208226][T10795] bridge_slave_0: entered allmulticast mode
[  525.041424][T10795] bridge_slave_0: entered promiscuous mode
[  525.857173][   T35] hsr_slave_0: left promiscuous mode
[  525.866267][   T35] hsr_slave_1: left promiscuous mode
[  525.883074][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  525.950582][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  526.094599][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  526.103769][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  526.225913][   T35] veth1: left allmulticast mode
[  526.507873][   T35] veth1: left promiscuous mode
[  526.516968][   T35] veth1_macvtap: left promiscuous mode
[  526.592483][   T35] veth0_macvtap: left promiscuous mode
[  526.705278][   T35] veth1_vlan: left promiscuous mode
[  526.846870][   T35] veth0_vlan: left promiscuous mode
[  527.189446][T10940] loop1: detected capacity change from 0 to 256
[  527.584394][T10942] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  527.595023][T10942] FAT-fs (loop1): Filesystem has been set read-only
[  527.602395][T10942] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  527.612923][T10942] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  527.697947][   T29] audit: type=1800 audit(1729948516.722:74): pid=10942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1310" name="file1" dev="loop1" ino=1048621 res=0 errno=0
[  530.313081][T10958] netlink: 'syz.2.1316': attribute type 5 has an invalid length.
[  530.725187][T10970] No such timeout policy "syz0"
[  533.020893][T10981] loop4: detected capacity change from 0 to 1024
[  533.028230][T10981] ext4: Unknown parameter 'noacl'
[  533.402937][T10984] loop3: detected capacity change from 0 to 256
[  534.597122][T10992] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  534.607686][T10992] FAT-fs (loop3): Filesystem has been set read-only
[  534.614385][T10992] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  534.625857][T10992] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  534.686161][   T29] audit: type=1800 audit(1729948523.732:75): pid=10992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1323" name="file1" dev="loop3" ino=1048622 res=0 errno=0
[  536.797435][   T35] team0 (unregistering): Port device team_slave_1 removed
[  537.205810][   T35] team0 (unregistering): Port device team_slave_0 removed
[  538.510435][T10915] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  538.532486][T10795] bridge0: port 2(bridge_slave_1) entered blocking state
[  538.557756][T10795] bridge0: port 2(bridge_slave_1) entered disabled state
[  538.566905][T10795] bridge_slave_1: entered allmulticast mode
[  538.593227][T10795] bridge_slave_1: entered promiscuous mode
[  538.949446][ T5856] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  539.008022][ T5856] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  539.076545][ T5856] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  539.106994][ T5856] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  539.118700][ T5856] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  539.134800][ T5856] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  539.798179][T10795] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  540.596400][T10795] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  541.016800][T11045] loop2: detected capacity change from 0 to 256
[  541.083488][T10795] team0: Port device team_slave_0 added
[  541.322143][ T5856] Bluetooth: hci6: command tx timeout
[  541.714390][T11054] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  541.725393][T11054] FAT-fs (loop2): Filesystem has been set read-only
[  541.733244][T11054] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  541.743721][T11054] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  541.884536][   T29] audit: type=1800 audit(1729948530.862:76): pid=11054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1338" name="file1" dev="loop2" ino=1048623 res=0 errno=0
[  542.122397][T10795] team0: Port device team_slave_1 added
[  542.506153][T10795] batman_adv: batadv0: Adding interface: batadv_slave_0
[  542.536456][T10795] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  542.716875][T10795] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  542.813535][T10795] batman_adv: batadv0: Adding interface: batadv_slave_1
[  542.844358][T10795] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  543.039052][T10795] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  543.638307][ T5856] Bluetooth: hci6: command tx timeout
[  545.776692][ T5856] Bluetooth: hci6: command tx timeout
[  546.742223][T10795] hsr_slave_0: entered promiscuous mode
[  546.779653][T10795] hsr_slave_1: entered promiscuous mode
[  546.825911][T10795] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  547.097839][T10795] Cannot create hsr debugfs directory
[  548.027738][ T5856] Bluetooth: hci6: command tx timeout
[  548.132042][T11123] loop1: detected capacity change from 0 to 256
[  549.348067][   T35] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.401552][T11024] chnl_net:caif_netlink_parms(): no params data found
[  549.573953][T11140] netlink: 180 bytes leftover after parsing attributes in process `syz.3.1358'.
[  550.240489][   T35] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.142496][   T35] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.336494][T11155] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  551.486103][T11155] FAT-fs (loop1): Filesystem has been set read-only
[  551.722877][   T35] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.740360][T11155] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  551.835290][T11155] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  551.849863][   T29] audit: type=1800 audit(1729948540.952:77): pid=11155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1352" name="file1" dev="loop1" ino=1048624 res=0 errno=0
[  552.069478][T11024] bridge0: port 1(bridge_slave_0) entered blocking state
[  552.098135][T11024] bridge0: port 1(bridge_slave_0) entered disabled state
[  552.151284][T11024] bridge_slave_0: entered allmulticast mode
[  552.197914][T11024] bridge_slave_0: entered promiscuous mode
[  552.274574][T11024] bridge0: port 2(bridge_slave_1) entered blocking state
[  552.322693][T11024] bridge0: port 2(bridge_slave_1) entered disabled state
[  552.345329][T11024] bridge_slave_1: entered allmulticast mode
[  552.352662][T11024] bridge_slave_1: entered promiscuous mode
[  552.477157][T11024] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  552.529436][T11024] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  553.339551][T11024] team0: Port device team_slave_0 added
[  553.988751][T11024] team0: Port device team_slave_1 added
[  554.264252][T11024] batman_adv: batadv0: Adding interface: batadv_slave_0
[  554.558702][T11196] No such timeout policy "syz0"
[  554.962619][T11024] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  555.395293][T11024] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  556.352333][T11024] batman_adv: batadv0: Adding interface: batadv_slave_1
[  556.398031][T11024] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  556.576348][T11024] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  556.712595][   T35] bridge_slave_1: left allmulticast mode
[  556.746682][   T35] bridge_slave_1: left promiscuous mode
[  556.787366][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  556.824768][   T35] bridge_slave_0: left allmulticast mode
[  556.831986][   T35] bridge_slave_0: left promiscuous mode
[  556.895860][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  557.365498][T11212] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1372'.
[  558.834800][T11225] syz.3.1376(11225): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  560.027707][  T962] usb 5-1: new low-speed USB device number 4 using dummy_hcd
[  560.295916][  T962] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  560.309176][  T962] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 73, setting to 8
[  560.351859][  T962] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  560.393076][  T962] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.482023][  T962] usb 5-1: config 0 descriptor??
[  560.555647][T11221] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  560.906225][  T962] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  561.073636][  T962] usb 5-1: USB disconnect, device number 4
[  561.127818][  T962] iowarrior 5-1:0.0: I/O-Warror #0 now disconnected
[  561.144101][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  561.156219][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  561.199750][   T35] bond0 (unregistering): Released all slaves
[  561.309846][T10795] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  561.325382][T10795] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  561.337188][T10795] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  561.351232][T10795] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  561.458601][T11024] hsr_slave_0: entered promiscuous mode
[  561.474117][T11024] hsr_slave_1: entered promiscuous mode
[  561.490910][T11024] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  561.500868][T11024] Cannot create hsr debugfs directory
[  561.578375][T11240] No such timeout policy "syz0"
[  562.704862][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  562.730971][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  562.777097][T11250] No such timeout policy "syz0"
[  567.619112][T11280] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1391'.
[  568.118881][T11289] No such timeout policy "syz0"
[  568.476218][   T35] hsr_slave_0: left promiscuous mode
[  569.468530][   T35] hsr_slave_1: left promiscuous mode
[  569.698078][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  569.706399][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  569.738215][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  569.746405][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  569.873754][   T35] veth1_macvtap: left promiscuous mode
[  569.925582][   T35] veth0_macvtap: left promiscuous mode
[  569.968092][   T35] veth1_vlan: left promiscuous mode
[  570.037911][   T35] veth0_vlan: left promiscuous mode
[  570.499590][   T54] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  570.512033][   T54] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  570.521300][   T54] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  570.558365][   T54] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  570.569555][   T54] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  570.589761][   T54] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  572.280064][T11327] No such timeout policy "syz0"
[  572.625815][   T35] team0 (unregistering): Port device team_slave_1 removed
[  572.757431][   T35] team0 (unregistering): Port device team_slave_0 removed
[  572.772105][   T54] Bluetooth: hci3: command tx timeout
[  575.142304][   T54] Bluetooth: hci3: command tx timeout
[  575.837682][ T5908] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  575.975924][T11024] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  576.020195][T11305] chnl_net:caif_netlink_parms(): no params data found
[  576.035614][T11024] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  576.084728][T11024] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  576.161872][ T5908] usb 2-1: config 252 has an invalid interface number: 254 but max is 0
[  576.170811][ T5908] usb 2-1: config 252 has no interface number 0
[  576.186842][ T5908] usb 2-1: config 252 interface 254 altsetting 1 endpoint 0x6 has invalid wMaxPacketSize 0
[  576.242183][ T5908] usb 2-1: config 252 interface 254 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  576.262788][ T5908] usb 2-1: config 252 interface 254 has no altsetting 0
[  576.274950][ T5908] usb 2-1: New USB device found, idVendor=057c, idProduct=2200, bcdDevice=46.29
[  576.305692][T11024] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  576.322779][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.331393][ T5908] usb 2-1: Product: syz
[  576.335586][ T5908] usb 2-1: Manufacturer: syz
[  576.352653][ T5908] usb 2-1: SerialNumber: syz
[  576.505354][ T5908] bfusb 2-1:252.254: probe with driver bfusb failed with error -5
[  577.251075][   T54] Bluetooth: hci3: command tx timeout
[  577.384346][ T5896] usb 2-1: USB disconnect, device number 3
[  577.837771][T11388] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1409'.
[  577.869354][T11305] bridge0: port 1(bridge_slave_0) entered blocking state
[  577.877873][T11305] bridge0: port 1(bridge_slave_0) entered disabled state
[  577.898104][T11305] bridge_slave_0: entered allmulticast mode
[  578.318706][   T35] IPVS: stop unused estimator thread 0...
[  578.477979][T11305] bridge_slave_0: entered promiscuous mode
[  578.529246][T11305] bridge0: port 2(bridge_slave_1) entered blocking state
[  578.589445][T11305] bridge0: port 2(bridge_slave_1) entered disabled state
[  578.596903][T11305] bridge_slave_1: entered allmulticast mode
[  578.606441][T11305] bridge_slave_1: entered promiscuous mode
[  579.385725][   T54] Bluetooth: hci3: command tx timeout
[  579.575944][T11305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  579.869347][T11305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  580.001567][T11411] netlink: 'syz.3.1413': attribute type 5 has an invalid length.
[  580.206686][T11409] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1412'.
[  580.216604][T11409] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1412'.
[  581.046462][T11305] team0: Port device team_slave_0 added
[  581.470109][T11024] 8021q: adding VLAN 0 to HW filter on device bond0
[  581.500380][T11305] team0: Port device team_slave_1 added
[  581.586098][T11429] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1420'.
[  581.675291][T11024] 8021q: adding VLAN 0 to HW filter on device team0
[  582.330835][T11305] batman_adv: batadv0: Adding interface: batadv_slave_0
[  582.457897][T11305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  582.591419][T11305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  582.621394][T11305] batman_adv: batadv0: Adding interface: batadv_slave_1
[  582.642973][T11305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  582.735780][T11305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  582.770963][ T7930] bridge0: port 1(bridge_slave_0) entered blocking state
[  582.778277][ T7930] bridge0: port 1(bridge_slave_0) entered forwarding state
[  582.794493][ T7930] bridge0: port 2(bridge_slave_1) entered blocking state
[  582.801875][ T7930] bridge0: port 2(bridge_slave_1) entered forwarding state
[  583.751577][T11305] hsr_slave_0: entered promiscuous mode
[  583.863065][T11305] hsr_slave_1: entered promiscuous mode
[  583.884387][T11305] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  583.911600][T11305] Cannot create hsr debugfs directory
[  584.140004][T11462] overlayfs: overlapping lowerdir path
[  585.831922][T11024] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  586.721363][T11509] ------------[ cut here ]------------
[  586.726879][T11509] DEBUG_LOCKS_WARN_ON(1)
[  586.726971][T11509] WARNING: CPU: 0 PID: 11509 at kernel/locking/lockdep.c:232 __lock_acquire+0x58c/0x2050
[  586.741131][T11509] Modules linked in:
[  586.745378][T11509] CPU: 0 UID: 0 PID: 11509 Comm: syz.1.1427 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  586.756229][T11509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  586.766730][T11509] RIP: 0010:__lock_acquire+0x58c/0x2050
[  586.772430][T11509] Code: 00 00 83 3d 75 d1 ac 0e 00 75 23 90 48 c7 c7 e0 c9 0a 8c 48 c7 c6 80 cc 0a 8c e8 1f 7e e5 ff 48 ba 00 00 00 00 00 fc ff df 90 <0f> 0b 90 90 90 31 db 48 81 c3 c4 00 00 00 48 89 d8 48 c1 e8 03 0f
[  586.792615][T11509] RSP: 0018:ffffc9000bf3f270 EFLAGS: 00010046
[  586.798711][T11509] RAX: be296e25c441a100 RBX: 0000000000001568 RCX: 0000000000040000
[  586.806688][T11509] RDX: dffffc0000000000 RSI: 000000000003ffff RDI: 0000000000040000
[  586.814685][T11509] RBP: 000000000000000f R08: ffffffff8155e452 R09: 1ffff110170c519a
[  586.822687][T11509] R10: dffffc0000000000 R11: ffffed10170c519b R12: ffff88807ba85a00
[  586.830668][T11509] R13: 0000000000001568 R14: 1ffff1100f750caf R15: ffff88807ba86578
[  586.838728][T11509] FS:  00007fe5c702f6c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  586.847943][T11509] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  586.854555][T11509] CR2: 00007ff86495c752 CR3: 0000000026acc000 CR4: 0000000000350ef0
[  586.862704][T11509] Call Trace:
[  586.865983][T11509]  <TASK>
[  586.868912][T11509]  ? __warn+0x168/0x4e0
[  586.873077][T11509]  ? __lock_acquire+0x58c/0x2050
[  586.878054][T11509]  ? report_bug+0x2b3/0x500
[  586.882563][T11509]  ? __lock_acquire+0x58c/0x2050
[  586.887658][T11509]  ? handle_bug+0x60/0x90
[  586.892180][T11509]  ? exc_invalid_op+0x1a/0x50
[  586.896873][T11509]  ? asm_exc_invalid_op+0x1a/0x20
[  586.901900][T11509]  ? __warn_printk+0x292/0x360
[  586.906694][T11509]  ? __lock_acquire+0x58c/0x2050
[  586.911784][T11509]  lock_acquire+0x1ed/0x550
[  586.916685][T11509]  ? raw_spin_rq_lock_nested+0x2a/0x140
[  586.922280][T11509]  ? select_task_rq_rt+0x68/0x310
[  586.927588][T11509]  ? __pfx_lock_acquire+0x10/0x10
[  586.932675][T11509]  ? __pfx_lock_acquire+0x10/0x10
[  586.937913][T11509]  ? select_task_rq_rt+0x68/0x310
[  586.942962][T11509]  ? __pfx_lock_release+0x10/0x10
[  586.948045][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  586.953706][T11509]  ? _raw_spin_lock_irqsave+0xe1/0x120
[  586.959344][T11509]  _raw_spin_lock_nested+0x31/0x40
[  586.964572][T11509]  ? raw_spin_rq_lock_nested+0x2a/0x140
[  586.970128][T11509]  raw_spin_rq_lock_nested+0x2a/0x140
[  586.975607][T11509]  try_to_wake_up+0x81e/0x14b0
[  586.980379][T11509]  ? __skb_try_recv_from_queue+0x5d8/0x780
[  586.986379][T11509]  ? __pfx_try_to_wake_up+0x10/0x10
[  586.991601][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  586.997533][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.005112][T11509]  ? _raw_spin_lock_irqsave+0xe1/0x120
[  587.010637][T11509]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  587.016863][T11509]  autoremove_wake_function+0x16/0x110
[  587.022456][T11509]  __wake_up_common_lock+0x132/0x1e0
[  587.027859][T11509]  __unix_dgram_recvmsg+0x5f4/0x12f0
[  587.033258][T11509]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[  587.038999][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.044635][T11509]  ? iovec_from_user+0x61/0x240
[  587.049695][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.055338][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.060982][T11509]  ? unix_dgram_recvmsg+0xb6/0xe0
[  587.066011][T11509]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[  587.071663][T11509]  sock_recvmsg_nosec+0x190/0x1d0
[  587.076703][T11509]  ____sys_recvmsg+0x3cd/0x480
[  587.081582][T11509]  ? __pfx_____sys_recvmsg+0x10/0x10
[  587.086879][T11509]  ? __might_fault+0xaa/0x120
[  587.091657][T11509]  do_recvmmsg+0x45e/0xad0
[  587.096088][T11509]  ? __pfx_do_recvmmsg+0x10/0x10
[  587.101058][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.106783][T11509]  ? mark_lock+0x9a/0x360
[  587.111134][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.116857][T11509]  ? reacquire_held_locks+0x3eb/0x690
[  587.122228][T11509]  ? vma_end_read+0x18/0x170
[  587.126831][T11509]  ? __pfx_reacquire_held_locks+0x10/0x10
[  587.132568][T11509]  __x64_sys_recvmmsg+0x199/0x250
[  587.137599][T11509]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  587.143145][T11509]  ? exc_page_fault+0x590/0x8c0
[  587.148001][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.153637][T11509]  ? do_syscall_64+0xb6/0x230
[  587.158313][T11509]  do_syscall_64+0xf3/0x230
[  587.162946][T11509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  587.168873][T11509] RIP: 0033:0x7fe5c617e719
[  587.173293][T11509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  587.192929][T11509] RSP: 002b:00007fe5c702f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  587.201354][T11509] RAX: ffffffffffffffda RBX: 00007fe5c6336058 RCX: 00007fe5c617e719
[  587.209865][T11509] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003
[  587.217851][T11509] RBP: 00007fe5c61f132e R08: 0000000000000000 R09: 0000000000000000
[  587.225829][T11509] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  587.234066][T11509] R13: 0000000000000001 R14: 00007fe5c6336058 R15: 00007ffdbac34938
[  587.242338][T11509]  </TASK>
[  587.245378][T11509] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  587.252762][T11509] CPU: 0 UID: 0 PID: 11509 Comm: syz.1.1427 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  587.264702][T11509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  587.274950][T11509] Call Trace:
[  587.278224][T11509]  <TASK>
[  587.281178][T11509]  dump_stack_lvl+0x241/0x360
[  587.286236][T11509]  ? __pfx_dump_stack_lvl+0x10/0x10
[  587.291457][T11509]  ? __pfx__printk+0x10/0x10
[  587.296227][T11509]  ? _printk+0xd5/0x120
[  587.300398][T11509]  ? __init_begin+0x41000/0x41000
[  587.305526][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.311183][T11509]  ? vscnprintf+0x5d/0x90
[  587.315546][T11509]  panic+0x349/0x880
[  587.319564][T11509]  ? __warn+0x177/0x4e0
[  587.323728][T11509]  ? __pfx_panic+0x10/0x10
[  587.328178][T11509]  ? show_trace_log_lvl+0x3b2/0x410
[  587.333479][T11509]  __warn+0x34b/0x4e0
[  587.337487][T11509]  ? __lock_acquire+0x58c/0x2050
[  587.342475][T11509]  report_bug+0x2b3/0x500
[  587.346933][T11509]  ? __lock_acquire+0x58c/0x2050
[  587.351887][T11509]  handle_bug+0x60/0x90
[  587.356069][T11509]  exc_invalid_op+0x1a/0x50
[  587.360590][T11509]  asm_exc_invalid_op+0x1a/0x20
[  587.365467][T11509] RIP: 0010:__lock_acquire+0x58c/0x2050
[  587.371313][T11509] Code: 00 00 83 3d 75 d1 ac 0e 00 75 23 90 48 c7 c7 e0 c9 0a 8c 48 c7 c6 80 cc 0a 8c e8 1f 7e e5 ff 48 ba 00 00 00 00 00 fc ff df 90 <0f> 0b 90 90 90 31 db 48 81 c3 c4 00 00 00 48 89 d8 48 c1 e8 03 0f
[  587.391987][T11509] RSP: 0018:ffffc9000bf3f270 EFLAGS: 00010046
[  587.398113][T11509] RAX: be296e25c441a100 RBX: 0000000000001568 RCX: 0000000000040000
[  587.406091][T11509] RDX: dffffc0000000000 RSI: 000000000003ffff RDI: 0000000000040000
[  587.414059][T11509] RBP: 000000000000000f R08: ffffffff8155e452 R09: 1ffff110170c519a
[  587.422059][T11509] R10: dffffc0000000000 R11: ffffed10170c519b R12: ffff88807ba85a00
[  587.430025][T11509] R13: 0000000000001568 R14: 1ffff1100f750caf R15: ffff88807ba86578
[  587.438448][T11509]  ? __warn_printk+0x292/0x360
[  587.443228][T11509]  lock_acquire+0x1ed/0x550
[  587.447747][T11509]  ? raw_spin_rq_lock_nested+0x2a/0x140
[  587.453384][T11509]  ? select_task_rq_rt+0x68/0x310
[  587.458418][T11509]  ? __pfx_lock_acquire+0x10/0x10
[  587.463456][T11509]  ? __pfx_lock_acquire+0x10/0x10
[  587.468490][T11509]  ? select_task_rq_rt+0x68/0x310
[  587.473520][T11509]  ? __pfx_lock_release+0x10/0x10
[  587.478655][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.484306][T11509]  ? _raw_spin_lock_irqsave+0xe1/0x120
[  587.489863][T11509]  _raw_spin_lock_nested+0x31/0x40
[  587.495014][T11509]  ? raw_spin_rq_lock_nested+0x2a/0x140
[  587.500596][T11509]  raw_spin_rq_lock_nested+0x2a/0x140
[  587.506004][T11509]  try_to_wake_up+0x81e/0x14b0
[  587.510785][T11509]  ? __skb_try_recv_from_queue+0x5d8/0x780
[  587.516786][T11509]  ? __pfx_try_to_wake_up+0x10/0x10
[  587.522163][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.527817][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.533476][T11509]  ? _raw_spin_lock_irqsave+0xe1/0x120
[  587.539142][T11509]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  587.545035][T11509]  autoremove_wake_function+0x16/0x110
[  587.550678][T11509]  __wake_up_common_lock+0x132/0x1e0
[  587.556002][T11509]  __unix_dgram_recvmsg+0x5f4/0x12f0
[  587.561308][T11509]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[  587.567081][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.572734][T11509]  ? iovec_from_user+0x61/0x240
[  587.577696][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.583338][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.588995][T11509]  ? unix_dgram_recvmsg+0xb6/0xe0
[  587.594013][T11509]  ? __pfx_unix_dgram_recvmsg+0x10/0x10
[  587.599582][T11509]  sock_recvmsg_nosec+0x190/0x1d0
[  587.604723][T11509]  ____sys_recvmsg+0x3cd/0x480
[  587.609498][T11509]  ? __pfx_____sys_recvmsg+0x10/0x10
[  587.614801][T11509]  ? __might_fault+0xaa/0x120
[  587.619836][T11509]  do_recvmmsg+0x45e/0xad0
[  587.624265][T11509]  ? __pfx_do_recvmmsg+0x10/0x10
[  587.629211][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.634843][T11509]  ? mark_lock+0x9a/0x360
[  587.639196][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.644832][T11509]  ? reacquire_held_locks+0x3eb/0x690
[  587.650292][T11509]  ? vma_end_read+0x18/0x170
[  587.655085][T11509]  ? __pfx_reacquire_held_locks+0x10/0x10
[  587.660823][T11509]  __x64_sys_recvmmsg+0x199/0x250
[  587.665874][T11509]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  587.671426][T11509]  ? exc_page_fault+0x590/0x8c0
[  587.676295][T11509]  ? srso_alias_return_thunk+0x5/0xfbef5
[  587.681938][T11509]  ? do_syscall_64+0xb6/0x230
[  587.686633][T11509]  do_syscall_64+0xf3/0x230
[  587.691313][T11509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  587.697242][T11509] RIP: 0033:0x7fe5c617e719
[  587.701654][T11509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  587.721698][T11509] RSP: 002b:00007fe5c702f038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  587.730485][T11509] RAX: ffffffffffffffda RBX: 00007fe5c6336058 RCX: 00007fe5c617e719
[  587.738902][T11509] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003
[  587.746969][T11509] RBP: 00007fe5c61f132e R08: 0000000000000000 R09: 0000000000000000
[  587.754955][T11509] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  587.762925][T11509] R13: 0000000000000001 R14: 00007fe5c6336058 R15: 00007ffdbac34938
[  587.770916][T11509]  </TASK>
[  588.912881][T11509] Shutting down cpus with NMI
[  588.918204][T11509] Kernel Offset: disabled
[  588.922743][T11509] Rebooting in 86400 seconds..