last executing test programs:

10m11.050648274s ago: executing program 1 (id=2025):
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e000000180100002020692500000000002020207b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x4, 0xfffffffd)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r1, 0x0, 0x2b, 0x0, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, 0x0, 0x0)
recvmsg$unix(r0, 0x0, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001c008102e00f80ecdb4cb9f207c804a00d00000088081afb0a0002000a0ada1b40d80800c5", 0x29}], 0x1, 0x0, 0x0, 0x5865}, 0x0)

10m10.204316968s ago: executing program 1 (id=2026):
r0 = io_uring_setup(0x9, &(0x7f0000000040)={0x0, 0x20c8a1, 0x1c881, 0x8, 0xd1})
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)
io_uring_enter(r0, 0x0, 0x2, 0x17, 0x0, 0x0)

10m9.97874251s ago: executing program 1 (id=2028):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x2})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r3)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, 0x0)

10m6.053334514s ago: executing program 1 (id=2045):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$FS_IOC_RESVSP(r5, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x2, 0x3})

10m4.221891345s ago: executing program 1 (id=2048):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x5)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000100)={0xfffffff8, 0xaeb, 0xe57, 0x1, 0x7, "3ce6920887000000000000000d00", 0x4, 0x1ff})
ioctl$TIOCSTI(r0, 0x5412, 0x0)

10m3.876791707s ago: executing program 1 (id=2050):
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r1}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r2}, 0x38)

9m48.208323963s ago: executing program 32 (id=2050):
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r1}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r2}, 0x38)

6m30.939929755s ago: executing program 2 (id=2657):
r0 = syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=ANY=[@ANYBLOB="600000000c060500000000000000"], 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000340)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x2000000)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r4, 0xc1004110, &(0x7f0000000000)={0x0, [0x6, 0xffff1337, 0x3], [{0x0, 0x0, 0x0, 0x1}, {0x35, 0x39}, {0x0, 0x8}, {0x800000, 0x800001}, {0xffff}, {0x1ff}, {0x0, 0x1000}, {}, {}, {}, {}, {0x0, 0xe68b}], 0xc})

6m29.920107601s ago: executing program 2 (id=2661):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x801, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x18, 0x8, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$KVM_GET_LAPIC(0xffffffffffffffff, 0x8400ae8e, &(0x7f0000000880))
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, 0x0)
mount(0x0, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000100)='bfs\x00', 0x4, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount(&(0x7f0000000180)=@filename='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000300)='pvfs2\x00', 0x11, 0x0)

6m28.180206352s ago: executing program 2 (id=2665):
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
kcmp(r0, r0, 0x2, r2, r1)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, 0x0, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=ANY=[@ANYBLOB], 0x64}, 0x1, 0x0, 0x0, 0x814}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB], 0x34}}, 0x0)
r4 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$I2C_PEC(r4, 0x708, 0xffffffff)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000000100)={0x1, 0xfd, 0x1, &(0x7f0000000000)={0xb, "e89bc5d748e8290e3619f6201f98cad6d3bf3734cdb92f5963a07b61dedbd29410"}})

6m26.782055791s ago: executing program 2 (id=2670):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
mount$fuse(0x0, 0x0, 0x0, 0x80, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0/file0\x00')

6m25.738642407s ago: executing program 2 (id=2671):
socket$nl_netfilter(0x10, 0x3, 0xc)
memfd_secret(0x0)
prctl$PR_MCE_KILL(0x21, 0x0, 0x0)
bpf$LINK_DETACH(0x22, &(0x7f0000000080), 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback, 0xfffffffd}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
writev(r1, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
shutdown(r1, 0x1)

6m24.586343424s ago: executing program 2 (id=2677):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$pptp(0x18, 0x1, 0x2)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x14, 0x2f, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x4, 0xf2}]}, 0x14}], 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, r0)

6m22.965396333s ago: executing program 33 (id=2677):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$pptp(0x18, 0x1, 0x2)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x14, 0x2f, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x4, 0xf2}]}, 0x14}], 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, r0)

9.209742178s ago: executing program 5 (id=4095):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
msgrcv(0x0, 0x0, 0x8, 0x0, 0x4800)
syz_open_procfs$namespace(0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
recvmsg$kcm(r3, &(0x7f0000001480)={0x0, 0x0, 0x0}, 0x2000)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r4 = socket$nl_route(0x10, 0x3, 0x0)
kcmp(0xffffffffffffffff, 0x0, 0x0, r4, 0xffffffffffffffff)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000540)=@gcm_128={{0x303}, "ffffffffffffffe2", "8e083700daf38a6d69e9b5e9c2f133d7", "6a3a05b9", "12772541f8eb02bb"}, 0x28)
shutdown(r2, 0x1)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000000), 0xffffff6a)
sendfile(r2, r5, 0x0, 0xffffffff004)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

6.267284538s ago: executing program 0 (id=4107):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
r0 = socket$inet(0x2, 0x5, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000080)="441f0801000000e8c94ef56491ee54be0e1c2074ed27c1c6fe76cef3e2", 0x1d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1f, 0x18, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000feffffff00000000000000001801000000646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000010000808500000006000000b7080000000000007baaf8ff00000000b5080000090000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffff02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe(&(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'lo\x00', <r7=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x2070bd27, 0x25dfdbff, {0xa, 0x40, 0xc0, 0x0, r7}, [@IFA_ADDRESS={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @IFA_FLAGS={0x8, 0x8, 0x142}]}, 0x34}, 0x1, 0x0, 0x0, 0x2004c041}, 0x400c0c0)
write$binfmt_misc(r5, &(0x7f0000000000), 0xfffffecc)
splice(r4, 0x0, r6, 0x0, 0x8001, 0xd)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x6)
getpid()
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x880}, 0x816)
getsockopt$inet_opts(r0, 0x0, 0x4, 0x0, &(0x7f00000001c0))
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="043e1f1b"], 0x22)

5.281089805s ago: executing program 0 (id=4108):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x801, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x3, 0x50000, 0x1, 0x0, 0x0, 0x6}, 0x1c)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x18, 0x8, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$KVM_GET_LAPIC(0xffffffffffffffff, 0x8400ae8e, &(0x7f0000000880))
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{0x0}], 0x1)
ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, 0x0)
mount(0x0, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000100)='bfs\x00', 0x4, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount(&(0x7f0000000180)=@filename='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000300)='pvfs2\x00', 0x11, 0x0)

5.280708775s ago: executing program 4 (id=4109):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x1, 0x4, 0x4, 0x2}, 0x50)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0, 0x13}], 0x2)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f00000001c0)={0x18, 0x14, 0x105, 0x70bc2a, 0x2ddfdb7b, {0x11}, [@INET_DIAG_REQ_BYTECODE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8086}, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r3 = fsopen(&(0x7f0000000000)='udf\x00', 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, 0x0, &(0x7f00000000c0)='io#harset', 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0x0, 0x0, &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tcp_congestion(0xffffff9c, &(0x7f0000000280), 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r4, &(0x7f0000000080)=""/237, 0xed, 0x5)
close(0xffffffffffffffff)

5.279995155s ago: executing program 3 (id=4110):
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [], {0x14}}, 0x28}}, 0x0)

5.009660307s ago: executing program 4 (id=4111):
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x903d01)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x0)
ioctl$EVIOCGMASK(r1, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
write$char_usb(r0, 0x0, 0x0)
syz_open_dev$evdev(0x0, 0x2, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, 0x0, 0x0)

5.008758787s ago: executing program 3 (id=4112):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_emit_ethernet(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc1105518, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, [0x0, 0x400, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x834, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x8, 0x8, 0x0, 0x8d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x3, 0x2000000, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0xfffffffffffffff8, 0x20000, 0x0, 0x0, 0x0, 0x8000000000, 0x1, 0x4, 0x0, 0x10, 0x0, 0x0, 0x4, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000]})

4.958550377s ago: executing program 5 (id=4113):
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@map, 0x24, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

4.807653278s ago: executing program 4 (id=4114):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x14}, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x40}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x58, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x1f, 0x1f}}, @IFLA_VLAN_ID={0x6, 0x1, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)

4.779174078s ago: executing program 5 (id=4115):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = socket(0x10, 0x3, 0x0)
socket(0x10, 0x80003, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x48004)
sendmmsg$alg(r1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x70, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x34, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}, @NFTA_LIMIT_TYPE={0x8, 0x4, 0x1, 0x0, 0x1}]}}}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xb8}}, 0x0)
socket$netlink(0x10, 0x3, 0x14)

3.913160264s ago: executing program 3 (id=4116):
set_mempolicy(0x3, &(0x7f0000000200)=0x3, 0x800)

3.893428234s ago: executing program 0 (id=4117):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x2)
chdir(0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$FS_IOC_RESVSP(r5, 0xc0189436, 0x0)

3.737745465s ago: executing program 3 (id=4118):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
r0 = socket$inet(0x2, 0x5, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000080)="441f0801000000e8c94ef56491ee54be0e1c2074ed27c1c6fe76cef3e2", 0x1d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1f, 0x18, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000feffffff00000000000000001801000000646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000010000808500000006000000b7080000000000007baaf8ff00000000b5080000090000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffff02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe(&(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'lo\x00', <r7=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x2070bd27, 0x25dfdbff, {0xa, 0x40, 0xc0, 0x0, r7}, [@IFA_ADDRESS={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @IFA_FLAGS={0x8, 0x8, 0x142}]}, 0x34}, 0x1, 0x0, 0x0, 0x2004c041}, 0x400c0c0)
write$binfmt_misc(r5, &(0x7f0000000000), 0xfffffecc)
splice(r4, 0x0, r6, 0x0, 0x8001, 0xd)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x6)
getpid()
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x880}, 0x816)
getsockopt$inet_opts(r0, 0x0, 0x4, 0x0, &(0x7f00000001c0))
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="043e1f1b"], 0x22)

2.326521124s ago: executing program 0 (id=4119):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x1, 0x4, 0x4, 0x2}, 0x50)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0, 0x13}], 0x2)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f00000001c0)={0x18, 0x14, 0x105, 0x70bc2a, 0x2ddfdb7b, {0x11}, [@INET_DIAG_REQ_BYTECODE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8086}, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r3 = fsopen(&(0x7f0000000000)='udf\x00', 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, 0x0, &(0x7f00000000c0)='io#harset', 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0x0, 0x0, &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$tcp_congestion(0xffffff9c, &(0x7f0000000280), 0x1, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r4, &(0x7f0000000080)=""/237, 0xed, 0x5)
close(0xffffffffffffffff)

2.277847115s ago: executing program 4 (id=4120):
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(0xffffffffffffffff, 0x4008941a, 0x0)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000300), 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
connect$can_bcm(r5, &(0x7f00000002c0), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r6=>0x0})
socket$can_bcm(0x1d, 0x2, 0x2)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffd}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$binfmt(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r6, {0x1}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

2.072763986s ago: executing program 5 (id=4121):
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000b00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [], {0x14}}, 0x28}}, 0x0)

1.41110973s ago: executing program 5 (id=4122):
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x903d01)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x0)
ioctl$EVIOCGMASK(r1, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
write$char_usb(r0, 0x0, 0x0)
syz_open_dev$evdev(0x0, 0x2, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, 0x0, 0x0)

1.409340401s ago: executing program 3 (id=4123):
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001800", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000100)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0x21dd, &(0x7f00000001c0)={0x0, 0x1fffff, 0x0, 0x2, 0xd5})
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r1, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(r1, 0xe, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000040)=[{0x0, 0xffffffff00000005}], &(0x7f0000000180)=[0xffffffff, 0x7fffffff, 0x2, 0x6, 0x101, 0x1], 0x7}, 0x20)

1.159989973s ago: executing program 0 (id=4124):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180500002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000bc0)={0x18, r1, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@HEADER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000001}, 0x10)

1.058698393s ago: executing program 0 (id=4125):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x40, 0x0)
read$FUSE(r1, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x80)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000000000000b4000000000000"])
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x40, 0x0)
r5 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x80000)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000080)='udf\x00', 0x2008087, 0x0)
ioctl$NBD_CLEAR_SOCK(r5, 0xab04)
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x4)
r6 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x17ef, 0x6062, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x70, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0xfd, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x8, 0x0, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0x0, 0x1, 0x4}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io$hid(r6, &(0x7f00000007c0)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x0, "cff258ff"}]}}, 0x0}, 0x0)

994.424943ms ago: executing program 3 (id=4126):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x801, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x3, 0x50000, 0x1, 0x0, 0x0, 0x6}, 0x1c)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x18, 0x8, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$KVM_GET_LAPIC(0xffffffffffffffff, 0x8400ae8e, &(0x7f0000000880))
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
ioctl$TCSETS2(0xffffffffffffffff, 0x402c542b, 0x0)
mount(0x0, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000100)='bfs\x00', 0x4, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount(&(0x7f0000000180)=@filename='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000300)='pvfs2\x00', 0x11, 0x0)

994.061254ms ago: executing program 4 (id=4127):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='\'\x00\x00\x00\a'], 0x50)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000000), 0xd)

774.389145ms ago: executing program 5 (id=4128):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket(0x18, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={{0x14}, [@NFT_MSG_NEWRULE={0x94, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x68, 0x4, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8}, @NFTA_MATCH_INFO={0x2c, 0x3, "ebae551382395afa4d23edfcbe6d55b57cb15e63c15946395916e2b388abc3d6ce2316334e8278ad"}, @NFTA_MATCH_NAME={0xa, 0x1, 'limit\x00'}]}}}, {0x10, 0x1, 0x0, 0x1, @dynset={{0xb}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xbc}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)

0s ago: executing program 4 (id=4129):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/timer_list\x00', 0x0, 0x0)
preadv(r2, &(0x7f0000001500)=[{&(0x7f0000002980)=""/4084, 0xff4}], 0x1, 0xf73, 0x3)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = syz_open_dev$dri(&(0x7f00000002c0), 0x1, 0x2100)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000300)={&(0x7f00000001c0)=[0x0], 0x1})
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x110, 0x60, 0xdd, 0x99, 0x20, 0x5e9, 0x9, 0x73db, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb6, 0x7, 0x0, 0x9, 0xbd, 0x2e}}]}}]}}, 0x0)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0xa00, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8000)
r5 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

.242632][ T1153] batman_adv: batadv0: Removing interface: batadv_slave_1
[  843.253121][ T1153] bridge_slave_1: left allmulticast mode
[  843.258787][ T1153] bridge_slave_1: left promiscuous mode
[  843.292265][ T1153] bridge0: port 2(bridge_slave_1) entered disabled state
[  843.325317][ T1153] bridge_slave_0: left allmulticast mode
[  843.344250][ T1153] bridge_slave_0: left promiscuous mode
[  843.362361][ T1153] bridge0: port 1(bridge_slave_0) entered disabled state
[  843.504408][ T1153] bond_slave_0: left promiscuous mode
[  843.510215][ T1153] bond_slave_1: left promiscuous mode
[  843.535866][ T1153] veth1_macvtap: left promiscuous mode
[  843.547141][ T1153] veth0_macvtap: left promiscuous mode
[  843.557349][ T1153] veth1_vlan: left promiscuous mode
[  843.568297][ T1153] veth0_vlan: left promiscuous mode
[  843.914040][ T1153] pimreg (unregistering): left allmulticast mode
[  843.955845][ T1153] bond1 (unregistering): (slave macvlan2): Removing an active aggregator
[  843.975662][ T1153] bond1 (unregistering): (slave macvlan2): Releasing backup interface
[  844.231938][T13545] sd 0:0:1:0: device reset
[  844.822094][ T1153] bond1 (unregistering): Released all slaves
[  844.941801][T13549] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2224'.
[  845.280417][ T1153] team0 (unregistering): Port device team_slave_1 removed
[  845.321642][ T1153] team0 (unregistering): Port device team_slave_0 removed
[  845.366888][ T1153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  845.411345][ T1153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  845.717907][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  845.724167][T12585] Bluetooth: hci1: Opcode 0x206a failed: -110
[  846.077889][ T1153] bond0 (unregistering): Released all slaves
[  848.500564][ T1153] IPVS: stop unused estimator thread 0...
[  848.646786][T13590] futex_wake_op: syz.0.2233 tries to shift op by -1; fix this program
[  849.863257][T13601] sd 0:0:1:0: device reset
[  850.982449][   T23] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  851.202412][   T23] usb 4-1: Using ep0 maxpacket: 16
[  851.209804][   T23] usb 4-1: config index 0 descriptor too short (expected 16456, got 72)
[  851.229334][   T23] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[  851.260704][   T23] usb 4-1: config 0 has an invalid interface number: 125 but max is 1
[  851.459346][   T23] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  851.469977][   T23] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  851.479840][   T23] usb 4-1: config 0 has no interface number 0
[  851.494771][   T23] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  851.507112][   T23] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  851.530331][   T23] usb 4-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  851.542791][   T23] usb 4-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  851.556717][   T23] usb 4-1: config 0 interface 125 has no altsetting 0
[  851.567704][   T23] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  851.584750][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  851.594105][   T23] usb 4-1: Product: syz
[  851.598434][   T23] usb 4-1: Manufacturer: syz
[  851.605324][   T23] usb 4-1: SerialNumber: syz
[  851.644554][T13636] futex_wake_op: syz.0.2244 tries to shift op by -1; fix this program
[  851.686052][   T23] usb 4-1: config 0 descriptor??
[  852.112438][   T51] Bluetooth: hci1: Opcode 0x206a failed: -110
[  852.118742][T12585] Bluetooth: hci1: command 0x0406 tx timeout
[  852.786817][  T789] usb 4-1: USB disconnect, device number 40
[  852.903375][T13651] sd 0:0:1:0: device reset
[  853.523195][   T23] IPVS: starting estimator thread 0...
[  853.633368][T13653] IPVS: using max 21 ests per chain, 50400 per kthread
[  853.689428][T13660] netlink: 'syz.0.2248': attribute type 10 has an invalid length.
[  853.724270][T13660] bond1: option mode: unable to set because the bond device has slaves
[  853.771268][T13660] bond1: (slave macvlan8): Error -98 calling set_mac_address
[  854.786575][T13679] futex_wake_op: syz.2.2255 tries to shift op by -1; fix this program
[  854.833356][    C1] bridge0: port 1(bridge_slave_0) entered learning state
[  854.841671][    C1] bridge0: port 2(bridge_slave_1) entered learning state
[  855.562460][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  855.568566][T12585] Bluetooth: hci2: Opcode 0x206a failed: -110
[  856.139389][T13695] hub 9-0:1.0: USB hub found
[  856.164443][T13695] hub 9-0:1.0: 1 port detected
[  856.997036][T13702] netlink: 'syz.0.2261': attribute type 10 has an invalid length.
[  857.033368][T13702] bond1: option mode: unable to set because the bond device has slaves
[  857.047414][T13706] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  857.073263][T13702] bond1: (slave macvlan8): Error -98 calling set_mac_address
[  857.535940][T13719] futex_wake_op: syz.0.2265 tries to shift op by -1; fix this program
[  859.252870][T13707] bridge0: port 1(bridge_slave_0) entered disabled state
[  859.264226][T13707] bridge0: left promiscuous mode
[  859.269176][T13707] bridge0: left allmulticast mode
[  860.191126][T13707] bond_slave_0: left promiscuous mode
[  860.197365][T13707] bond_slave_1: left promiscuous mode
[  861.015960][T13707] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  861.117841][T13707] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  861.479556][ T5795] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  861.490768][ T5795] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  861.500169][ T5795] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  861.508729][ T5795] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  861.517433][ T5795] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  861.525976][ T5795] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  861.566473][T13707] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  861.575765][T13707] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  861.584498][T13707] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  861.593106][T13707] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  861.982679][ T9074] bond0: (slave syz_tun): Releasing backup interface
[  862.593142][   T51] Bluetooth: hci4: Opcode 0x206a failed: -110
[  862.601283][   T51] Bluetooth: hci4: command 0x206a tx timeout
[  863.132739][    T8] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  863.231839][T13740] chnl_net:caif_netlink_parms(): no params data found
[  863.342456][    T8] usb 4-1: Using ep0 maxpacket: 32
[  863.381228][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  863.502874][    T8] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  863.569532][   T51] Bluetooth: hci0: command tx timeout
[  863.609054][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  863.779758][    T8] usb 4-1: config 0 descriptor??
[  863.925241][    T8] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  864.225510][T13740] bridge0: port 1(bridge_slave_0) entered blocking state
[  864.265394][T13740] bridge0: port 1(bridge_slave_0) entered disabled state
[  864.292940][T13740] bridge_slave_0: entered allmulticast mode
[  864.323759][T13740] bridge_slave_0: entered promiscuous mode
[  864.361803][T13740] bridge0: port 2(bridge_slave_1) entered blocking state
[  864.397679][T13740] bridge0: port 2(bridge_slave_1) entered disabled state
[  864.429343][T13740] bridge_slave_1: entered allmulticast mode
[  864.457206][T13740] bridge_slave_1: entered promiscuous mode
[  864.538585][T13740] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  864.556359][T13740] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  865.251290][T13740] team0: Port device team_slave_0 added
[  865.290309][T13740] team0: Port device team_slave_1 added
[  865.336146][T13740] batman_adv: batadv0: Adding interface: batadv_slave_0
[  865.352559][T13740] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  865.404881][T13740] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  865.606763][T13740] batman_adv: batadv0: Adding interface: batadv_slave_1
[  865.614430][T13740] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  865.640938][   T51] Bluetooth: hci0: command tx timeout
[  865.646951][T13740] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  865.760356][T13740] hsr_slave_0: entered promiscuous mode
[  865.767226][T13740] hsr_slave_1: entered promiscuous mode
[  865.929143][T13740] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  865.992459][ T5876] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  866.075685][    T8] usb 4-1: USB disconnect, device number 41
[  866.094029][T13740] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  866.182613][ T5876] usb 5-1: Using ep0 maxpacket: 32
[  866.199143][ T5876] usb 5-1: config 0 has no interfaces?
[  866.213249][ T5876] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  866.337898][ T5876] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  866.377633][ T5876] usb 5-1: Product: syz
[  866.392127][ T5876] usb 5-1: Manufacturer: syz
[  866.405843][ T5876] usb 5-1: SerialNumber: syz
[  866.420952][ T5876] usb 5-1: config 0 descriptor??
[  866.445152][T13740] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  866.620875][T13740] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  866.659011][T13795] team_slave_0: entered promiscuous mode
[  866.665190][T13795] team_slave_1: entered promiscuous mode
[  866.674674][T13795] vlan2: entered promiscuous mode
[  866.679826][T13795] team0: entered promiscuous mode
[  866.780460][T12628] usb 5-1: USB disconnect, device number 3
[  867.712543][ T5795] Bluetooth: hci0: command tx timeout
[  867.739495][T13740] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  867.794579][   T51] Bluetooth: hci1: Opcode 0x206a failed: -110
[  867.800730][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  867.843766][T13740] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  867.885194][T13740] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  867.907496][T13831] netlink: 'syz.3.2286': attribute type 10 has an invalid length.
[  867.934074][T13836] bond2: option mode: unable to set because the bond device has slaves
[  867.960665][T13837] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2288'.
[  867.981774][T13837] block nbd0: reconnected socket
[  867.984786][T13740] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  867.993751][T13837] nbd: socks must be embedded in a SOCK_ITEM attr
[  868.007659][   T51] block nbd0: Receive control failed (result -32)
[  868.055727][T13831] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  868.085112][T13831] bond2: (slave macvlan3): Enslaving as a backup interface with an up link
[  868.424099][T13740] 8021q: adding VLAN 0 to HW filter on device bond0
[  868.469962][T13740] 8021q: adding VLAN 0 to HW filter on device team0
[  868.499719][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  868.506944][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  868.537150][ T3452] bridge0: port 2(bridge_slave_1) entered blocking state
[  868.544384][ T3452] bridge0: port 2(bridge_slave_1) entered forwarding state
[  869.792545][ T5795] Bluetooth: hci0: command tx timeout
[  870.262821][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  870.269190][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  870.409008][T13885] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2297'.
[  870.433979][ T5795] Bluetooth: hci1: command 0x0406 tx timeout
[  870.434087][   T51] Bluetooth: hci1: Opcode 0x206a failed: -110
[  870.442261][T13885] block nbd0: reconnected socket
[  870.459654][T13740] 8021q: adding VLAN 0 to HW filter on device batadv0
[  870.463601][T13885] nbd: socks must be embedded in a SOCK_ITEM attr
[  870.482429][ T5795] block nbd0: Receive control failed (result -32)
[  870.507048][T13884] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2296'.
[  870.689227][T13740] veth0_vlan: entered promiscuous mode
[  870.734867][T13740] veth1_vlan: entered promiscuous mode
[  870.829708][T13740] veth0_macvtap: entered promiscuous mode
[  870.898592][T13740] veth1_macvtap: entered promiscuous mode
[  870.941807][T13740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  870.957858][T13740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  870.970090][T13740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  870.981270][T13740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  870.991818][T13740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  871.007184][T13740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  871.033275][T13740] batman_adv: batadv0: Interface activated: batadv_slave_0
[  871.069719][T13740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  871.088325][T13740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  871.100091][T13740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  871.128036][T13740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  871.146567][T13740] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  871.167815][T13740] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  871.185931][T13740] batman_adv: batadv0: Interface activated: batadv_slave_1
[  871.210510][T13740] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  871.220014][T13740] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  871.228990][T13740] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  871.238359][T13740] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  871.285761][ T5792] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  871.363938][ T3452] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  871.384367][ T3452] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  871.419365][ T1153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  871.437061][ T1153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  871.502639][ T5792] usb 5-1: Using ep0 maxpacket: 16
[  871.646736][ T5792] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  871.676102][ T5792] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  871.701643][ T5792] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  871.724923][ T5792] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  871.792023][ T5792] usb 5-1: config 0 descriptor??
[  871.808070][ T5998] IPVS: starting estimator thread 0...
[  872.002550][T13921] IPVS: using max 19 ests per chain, 45600 per kthread
[  872.512875][ T5792] corsair 0003:1B1C:1B02.0008: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.4-1/input0
[  872.998638][ T5792] corsair 0003:1B1C:1B02.0008: Failed to get K90 initial state (error -32).
[  873.011517][ T5792] usb 5-1: USB disconnect, device number 4
[  873.212637][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  873.218978][ T5795] Bluetooth: hci3: Opcode 0x206a failed: -110
[  873.594834][T13929] fido_id[13929]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  873.651507][T13936] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2309'.
[  873.683858][T13938] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2308'.
[  873.742587][T13938] block nbd0: reconnected socket
[  873.762767][T13938] nbd: socks must be embedded in a SOCK_ITEM attr
[  873.791861][ T5795] block nbd0: Receive control failed (result -32)
[  875.242406][ T5876] usb 3-1: new full-speed USB device number 52 using dummy_hcd
[  875.455365][ T5876] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  875.486240][ T5876] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  875.524538][ T5876] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  875.551214][ T5876] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  875.582008][ T5876] usb 3-1: config 0 descriptor??
[  875.608961][ T5876] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  875.722480][ T5876] dvb-usb: bulk message failed: -22 (3/0)
[  875.755537][ T5876] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  875.783256][ T5876] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  875.790363][ T5876] usb 3-1: media controller created
[  875.834182][ T5876] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  876.054018][ T5876] dvb-usb: bulk message failed: -22 (6/0)
[  876.079438][ T5876] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  876.095184][ T5876] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input12
[  876.453986][ T5876] dvb-usb: schedule remote query interval to 150 msecs.
[  876.460990][ T5876] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  876.485700][ T5876] usb 3-1: USB disconnect, device number 52
[  876.551254][ T5876] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  877.163720][ T5795] Bluetooth: hci4: Opcode 0x206a failed: -110
[  877.170066][   T51] Bluetooth: hci4: command 0x206a tx timeout
[  877.860812][T13983] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2319'.
[  877.895926][T13983] block nbd0: reconnected socket
[  877.919098][T13983] nbd: socks must be embedded in a SOCK_ITEM attr
[  878.019086][   T51] block nbd0: Receive control failed (result -32)
[  879.007179][T14007] netlink: 7 bytes leftover after parsing attributes in process `syz.3.2325'.
[  879.030498][T14007] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2325'.
[  880.997726][T14041] sd 0:0:1:0: device reset
[  881.083108][   T51] Bluetooth: hci0: Opcode 0x206a failed: -110
[  881.091256][   T51] Bluetooth: hci0: command 0x206a tx timeout
[  881.862907][T14045] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2332'.
[  882.001935][T14045] block nbd0: reconnected socket
[  882.017352][T14045] nbd: socks must be embedded in a SOCK_ITEM attr
[  882.952272][ T5795] block nbd0: Receive control failed (result -32)
[  884.704091][T14142] sd 0:0:1:0: device reset
[  884.914332][    C1] bridge0: port 2(bridge_slave_1) entered forwarding state
[  884.921643][    C1] bridge0: topology change detected, propagating
[  884.928539][    C1] bridge0: port 1(bridge_slave_0) entered forwarding state
[  884.935879][    C1] bridge0: topology change detected, propagating
[  885.544571][T14151] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2344'.
[  885.555819][T14152] netlink: 64 bytes leftover after parsing attributes in process `syz.3.2345'.
[  885.569513][T14152] block nbd0: reconnected socket
[  885.581606][T14152] nbd: socks must be embedded in a SOCK_ITEM attr
[  885.589833][ T5795] block nbd0: Receive control failed (result -32)
[  885.712620][   T51] Bluetooth: hci4: Opcode 0x206a failed: -110
[  885.792516][   T51] Bluetooth: hci4: command 0x206a tx timeout
[  887.242467][T14086] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  887.434484][T14086] usb 5-1: Using ep0 maxpacket: 32
[  887.438549][T14182] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2355'.
[  887.441406][T14086] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  887.449005][T14182] block nbd0: reconnected socket
[  887.465239][T14182] nbd: socks must be embedded in a SOCK_ITEM attr
[  887.466359][T14086] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  887.483803][   T51] block nbd0: Receive control failed (result -32)
[  887.492709][T14086] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  887.502452][T14086] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  887.513260][T14086] usb 5-1: config 0 descriptor??
[  887.576133][T14184] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2356'.
[  888.663366][T14086] usbhid 5-1:0.0: can't add hid device: -71
[  888.669396][T14086] usbhid: probe of 5-1:0.0 failed with error -71
[  888.687130][T14086] usb 5-1: USB disconnect, device number 5
[  888.936756][T14201] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2362'.
[  889.201813][T14207] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2364'.
[  889.219339][T14207] block nbd0: reconnected socket
[  889.226871][T14207] nbd: socks must be embedded in a SOCK_ITEM attr
[  889.235614][   T51] block nbd0: Receive control failed (result -32)
[  889.612391][ T5841] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  889.838747][ T5841] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  889.897211][ T5841] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  890.281895][ T5841] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  890.302364][ T5841] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  890.312835][ T5841] usb 5-1: config 0 descriptor??
[  890.802785][ T5998] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  891.173430][ T5998] usb 4-1: Using ep0 maxpacket: 32
[  891.180890][ T5998] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  891.207497][T14269] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2373'.
[  891.286163][ T5998] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  891.297300][ T5998] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  891.307552][ T5998] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  891.330384][ T5998] usb 4-1: config 0 descriptor??
[  891.796875][ T5998] usbhid 4-1:0.0: can't add hid device: -71
[  891.808816][ T5998] usbhid: probe of 4-1:0.0 failed with error -71
[  891.855064][ T5998] usb 4-1: USB disconnect, device number 42
[  892.238999][   T23] usb 5-1: USB disconnect, device number 6
[  895.082511][ T5998] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  895.345881][ T5998] usb 4-1: Using ep0 maxpacket: 32
[  895.470267][ T5998] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  895.679655][ T5998] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  895.807426][ T5998] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  895.838098][ T5998] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  895.884562][ T5998] usb 4-1: config 0 descriptor??
[  896.652859][ T5998] usbhid 4-1:0.0: can't add hid device: -71
[  896.658912][ T5998] usbhid: probe of 4-1:0.0 failed with error -71
[  896.699482][ T5998] usb 4-1: USB disconnect, device number 43
[  900.554971][ T5998] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  900.750462][ T5998] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  900.825851][ T5998] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  900.890976][ T5998] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  901.081254][ T5998] usb 4-1: config 0 descriptor??
[  903.212808][T14086] usb 4-1: USB disconnect, device number 44
[  908.926393][T14495] sd 0:0:1:0: device reset
[  918.359894][ T5795] Bluetooth: hci4: command 0x206a tx timeout
[  918.530956][ T5795] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  918.565498][ T5795] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  918.577286][ T5795] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  918.600956][ T5795] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  918.609606][ T5795] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  918.618921][ T5795] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  918.915217][ T9112] bond0: (slave syz_tun): Releasing backup interface
[  920.673810][ T5795] Bluetooth: hci2: command tx timeout
[  921.277541][T14578] chnl_net:caif_netlink_parms(): no params data found
[  921.450939][T14605] sd 0:0:1:0: device reset
[  921.560814][T14578] bridge0: port 1(bridge_slave_0) entered blocking state
[  921.577301][T14578] bridge0: port 1(bridge_slave_0) entered disabled state
[  921.588307][T14578] bridge_slave_0: entered allmulticast mode
[  921.602239][T14578] bridge_slave_0: entered promiscuous mode
[  921.626763][T14578] bridge0: port 2(bridge_slave_1) entered blocking state
[  921.646882][T14578] bridge0: port 2(bridge_slave_1) entered disabled state
[  921.657463][T14578] bridge_slave_1: entered allmulticast mode
[  921.683528][T14578] bridge_slave_1: entered promiscuous mode
[  921.766156][T14578] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  921.795653][T14578] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  921.911940][T14578] team0: Port device team_slave_0 added
[  921.950404][T14578] team0: Port device team_slave_1 added
[  922.037307][T14578] batman_adv: batadv0: Adding interface: batadv_slave_0
[  922.059413][T14578] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  922.085380][    C0] vkms_vblank_simulate: vblank timer overrun
[  922.176403][T14578] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  922.194526][T14578] batman_adv: batadv0: Adding interface: batadv_slave_1
[  922.215975][T14578] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  922.892431][ T5795] Bluetooth: hci2: command tx timeout
[  922.947019][T14578] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  923.887440][T14578] hsr_slave_0: entered promiscuous mode
[  923.948845][T14578] hsr_slave_1: entered promiscuous mode
[  924.626888][T14578] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  924.635414][T14578] Cannot create hsr debugfs directory
[  924.922522][ T5795] Bluetooth: hci2: command tx timeout
[  925.055565][T14631] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2465'.
[  925.084327][T14578] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  925.315144][ T5795] Bluetooth: hci0: unexpected event for opcode 0x642f
[  925.427605][T14578] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  925.683278][ T5998] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  925.943422][ T5998] usb 5-1: Using ep0 maxpacket: 16
[  926.001099][ T5998] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  926.050479][ T5998] usb 5-1: config 0 has no interface number 0
[  926.059413][T14578] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  926.172484][ T5998] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  926.193584][ T5998] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  926.204751][ T5998] usb 5-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  926.214483][ T5998] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  926.232543][ T5998] usb 5-1: config 0 descriptor??
[  926.349119][T14578] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  926.774319][T14578] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  926.794803][T14578] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  926.829819][T14578] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  926.856127][T14578] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  926.958968][ T5998] input: HID 28bd:0071 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/0003:28BD:0071.0009/input/input13
[  926.993599][ T5795] Bluetooth: hci2: command tx timeout
[  927.084279][ T5998] input: HID 28bd:0071 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/0003:28BD:0071.0009/input/input14
[  927.137074][ T5998] uclogic 0003:28BD:0071.0009: input,hidraw0: USB HID v0.02 Keypad [HID 28bd:0071] on usb-dummy_hcd.4-1/input1
[  927.223260][ T5998] usb 5-1: USB disconnect, device number 7
[  927.243695][T14578] 8021q: adding VLAN 0 to HW filter on device bond0
[  927.325342][T14578] 8021q: adding VLAN 0 to HW filter on device team0
[  927.377149][T14108] bridge0: port 1(bridge_slave_0) entered blocking state
[  927.384364][T14108] bridge0: port 1(bridge_slave_0) entered forwarding state
[  927.408037][T14656] fido_id[14656]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory
[  927.443045][T14108] bridge0: port 2(bridge_slave_1) entered blocking state
[  927.450229][T14108] bridge0: port 2(bridge_slave_1) entered forwarding state
[  927.926957][T14662] netlink: 'syz.0.2472': attribute type 10 has an invalid length.
[  927.950310][T14662] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  928.036060][T14662] 8021q: adding VLAN 0 to HW filter on device bond1
[  928.059260][T14662] bond_slave_0: entered promiscuous mode
[  928.065037][T14662] bond_slave_1: entered promiscuous mode
[  928.070719][T14662] syz_tun: entered promiscuous mode
[  928.077160][T14662] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  928.084919][T14662] bond1: (slave macvlan2): speed changed to 0 on port 1
[  928.093877][T14662] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  928.127840][T14578] 8021q: adding VLAN 0 to HW filter on device batadv0
[  928.246643][T14578] veth0_vlan: entered promiscuous mode
[  928.294464][T14578] veth1_vlan: entered promiscuous mode
[  928.313259][T14667] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2474'.
[  928.387855][T14578] veth0_macvtap: entered promiscuous mode
[  928.900935][T14578] veth1_macvtap: entered promiscuous mode
[  928.955174][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  928.984338][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  929.004654][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  929.042462][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  929.143708][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  929.514215][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  929.607929][ T5795] Bluetooth: hci3: unexpected event for opcode 0x0405
[  929.716616][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  929.796761][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  929.829953][T14578] batman_adv: batadv0: Interface activated: batadv_slave_0
[  929.839095][T12107] blk_print_req_error: 106 callbacks suppressed
[  929.839110][T12107] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  929.854895][T12107] buffer_io_error: 286 callbacks suppressed
[  929.854908][T12107] Buffer I/O error on dev nbd3, logical block 0, async page read
[  929.872789][T12107] Buffer I/O error on dev nbd3, logical block 1, async page read
[  929.886726][T12107] Buffer I/O error on dev nbd3, logical block 2, async page read
[  929.895554][T12107] Buffer I/O error on dev nbd3, logical block 3, async page read
[  929.904453][T12107] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  929.913618][T12107] Buffer I/O error on dev nbd3, logical block 0, async page read
[  929.922878][T12107] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[  929.927137][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  929.933301][T12107] Buffer I/O error on dev nbd3, logical block 1, async page read
[  929.950171][T12107] Buffer I/O error on dev nbd3, logical block 2, async page read
[  929.962363][T12107] Buffer I/O error on dev nbd3, logical block 3, async page read
[  929.971710][T12710] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  929.980903][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  929.980919][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  929.980934][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  929.980956][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  929.991427][T12710] Buffer I/O error on dev nbd3, logical block 0, async page read
[  930.002068][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  930.022400][T12710] Buffer I/O error on dev nbd3, logical block 1, async page read
[  930.030916][T14578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  930.059779][T14578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  930.068469][T12107] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  930.093579][T14578] batman_adv: batadv0: Interface activated: batadv_slave_1
[  930.106558][T12107] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  930.117802][T12107] I/O error, dev nbd3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  930.131067][T12107] I/O error, dev nbd3, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  930.140900][T12107] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  930.153281][T12107] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  930.178240][T14681] ldm_validate_partition_table(): Disk read failed.
[  930.194688][T14681] Dev nbd3: unable to read RDB block 0
[  930.245331][T14681]  nbd3: unable to read partition table
[  930.353040][T14578] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  930.423463][T14578] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  930.562032][T14578] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  930.629675][T14578] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  930.868951][ T1129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  930.899590][ T1129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  931.000114][T12359] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  931.089207][T12359] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  931.636989][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  931.718929][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  932.279469][T14698] sd 0:0:1:0: device reset
[  932.567968][T14700] genirq: Flags mismatch irq 7. 00000000 (ttyS3) vs. 00000000 (comedi_parport)
[  933.119002][ T5795] Bluetooth: hci4: unexpected event for opcode 0x6407
[  939.242424][ T5792] IPVS: starting estimator thread 0...
[  939.352405][T14767] IPVS: using max 25 ests per chain, 60000 per kthread
[  940.975776][ T5790] syz_tun (unregistering): left allmulticast mode
[  940.997496][ T5790] bond0: (slave syz_tun): Releasing backup interface
[  941.014660][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  941.032559][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  941.041279][T14786] netlink: 'syz.4.2503': attribute type 10 has an invalid length.
[  941.049975][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  941.066971][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  941.075142][   T51] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  941.083325][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  941.135730][T14786] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  941.391950][T14788] 8021q: adding VLAN 0 to HW filter on device bond1
[  942.510564][T14785] chnl_net:caif_netlink_parms(): no params data found
[  942.764152][T14785] bridge0: port 1(bridge_slave_0) entered blocking state
[  942.771637][T14785] bridge0: port 1(bridge_slave_0) entered disabled state
[  942.863456][T14785] bridge_slave_0: entered allmulticast mode
[  942.947545][T14785] bridge_slave_0: entered promiscuous mode
[  942.973754][ T5841] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  943.098925][T14785] bridge0: port 2(bridge_slave_1) entered blocking state
[  943.153090][ T5795] Bluetooth: hci1: command tx timeout
[  943.169501][T14785] bridge0: port 2(bridge_slave_1) entered disabled state
[  943.234503][ T5841] usb 1-1: Using ep0 maxpacket: 32
[  943.252081][T14785] bridge_slave_1: entered allmulticast mode
[  943.293165][ T5841] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  943.365726][T14785] bridge_slave_1: entered promiscuous mode
[  943.405752][ T5841] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  943.526202][ T5841] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  943.582229][ T5841] usb 1-1: config 0 descriptor??
[  943.623036][T14806] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  943.653691][ T5841] hub 1-1:0.0: bad descriptor, ignoring hub
[  943.659652][ T5841] hub: probe of 1-1:0.0 failed with error -5
[  943.685282][T14785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  943.719390][ T5841] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  943.738745][T14785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  943.843459][T14785] team0: Port device team_slave_0 added
[  943.851993][T14785] team0: Port device team_slave_1 added
[  943.936055][T14785] batman_adv: batadv0: Adding interface: batadv_slave_0
[  943.956083][T14785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  944.012414][T14785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  944.042485][T14785] batman_adv: batadv0: Adding interface: batadv_slave_1
[  944.052676][T14785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  944.109475][T14785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  944.239331][T14785] hsr_slave_0: entered promiscuous mode
[  944.250509][T14785] hsr_slave_1: entered promiscuous mode
[  944.257682][T14785] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  944.265387][T14785] Cannot create hsr debugfs directory
[  945.233864][ T5795] Bluetooth: hci1: command tx timeout
[  945.849961][T14785] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  945.863008][T14785] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  946.375300][T14785] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  946.426321][T14785] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  946.512763][  T789] usb 1-1: USB disconnect, device number 34
[  947.381864][ T5795] Bluetooth: hci1: command tx timeout
[  947.404937][T14785] 8021q: adding VLAN 0 to HW filter on device bond0
[  947.513563][T14785] 8021q: adding VLAN 0 to HW filter on device team0
[  947.547028][T14112] bridge0: port 1(bridge_slave_0) entered blocking state
[  947.554199][T14112] bridge0: port 1(bridge_slave_0) entered forwarding state
[  947.625735][T14112] bridge0: port 2(bridge_slave_1) entered blocking state
[  947.632891][T14112] bridge0: port 2(bridge_slave_1) entered forwarding state
[  948.680896][T14785] 8021q: adding VLAN 0 to HW filter on device batadv0
[  948.794425][T14785] veth0_vlan: entered promiscuous mode
[  948.818655][T14785] veth1_vlan: entered promiscuous mode
[  948.833038][   T23] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  948.877040][T14785] veth0_macvtap: entered promiscuous mode
[  948.892113][T14785] veth1_macvtap: entered promiscuous mode
[  948.927864][T14785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  948.939647][T14785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.951700][T14785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  948.964715][T14785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.975136][T14785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  948.985925][T14785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.997696][T14785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  949.009421][T14785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  949.019686][T14785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  949.022648][   T23] usb 5-1: Using ep0 maxpacket: 8
[  949.030768][T14785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  949.047982][T14785] batman_adv: batadv0: Interface activated: batadv_slave_0
[  949.065720][   T23] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 943
[  949.070113][T14785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  949.087742][   T23] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[  949.096354][T14785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  949.120100][T14785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  949.131226][   T23] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  949.133475][T14785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  949.156588][T14785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  949.158765][   T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  949.167602][T14785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  949.190977][T14785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  949.203151][T14785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  949.205246][   T23] usb 5-1: Product: syz
[  949.222005][T14785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  949.227625][   T23] usb 5-1: Manufacturer: syz
[  949.241205][T14785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  949.245272][   T23] usb 5-1: SerialNumber: syz
[  949.254863][T14785] batman_adv: batadv0: Interface activated: batadv_slave_1
[  949.295177][T14785] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  949.304183][T14785] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  949.321365][T14785] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  949.333662][T14785] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  949.392544][ T5795] Bluetooth: hci1: command tx timeout
[  949.494957][T14873] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  949.506968][T14873] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  949.530394][T14108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  949.574004][T14108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  949.607231][T14101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  949.621242][T14101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  949.727942][   T23] cdc_ncm 5-1:1.0: bind() failure
[  949.772409][   T23] cdc_ncm: probe of 5-1:1.1 failed with error -71
[  949.779495][   T23] cdc_mbim: probe of 5-1:1.1 failed with error -71
[  949.792841][   T23] usbtest: probe of 5-1:1.1 failed with error -71
[  949.958470][   T23] usb 5-1: USB disconnect, device number 8
[  950.000356][T14883] sd 0:0:1:0: device reset
[  953.338435][T14922] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2541'.
[  953.669642][T14926] sd 0:0:1:0: device reset
[  955.779910][T14942] binder: 14937:14942 ioctl 4018620d 0 returned -22
[  955.789363][T14942] binder: 14937:14942 ioctl c0306201 0 returned -14
[  956.778865][T14957] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2552'.
[  957.010679][T14964] sd 0:0:1:0: device reset
[  957.575989][T12107] blk_print_req_error: 43 callbacks suppressed
[  957.576007][T12107] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  957.591531][T12107] buffer_io_error: 54 callbacks suppressed
[  957.591544][T12107] Buffer I/O error on dev nbd2, logical block 0, async page read
[  957.606653][T12107] Buffer I/O error on dev nbd2, logical block 1, async page read
[  957.614528][T12107] Buffer I/O error on dev nbd2, logical block 2, async page read
[  957.622388][T12107] Buffer I/O error on dev nbd2, logical block 3, async page read
[  957.630636][T12107] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  957.642472][T12107] Buffer I/O error on dev nbd2, logical block 0, async page read
[  957.655531][T12107] Buffer I/O error on dev nbd2, logical block 1, async page read
[  957.663528][T12107] Buffer I/O error on dev nbd2, logical block 2, async page read
[  957.671270][T12107] Buffer I/O error on dev nbd2, logical block 3, async page read
[  957.682129][T12107] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  957.693649][T12107] Buffer I/O error on dev nbd2, logical block 0, async page read
[  957.701449][T12107] Buffer I/O error on dev nbd2, logical block 1, async page read
[  957.710305][T12107] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  957.722903][T12107] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  957.732766][T12107] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  957.743039][T12107] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  957.753403][T12107] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  957.762653][T14966] ldm_validate_partition_table(): Disk read failed.
[  957.770809][T12107] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  957.780274][T12107] I/O error, dev nbd2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  957.791169][T14966] Dev nbd2: unable to read RDB block 0
[  957.798876][T14966]  nbd2: unable to read partition table
[  958.879500][ T5827] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  959.742534][ T5827] usb 3-1: Using ep0 maxpacket: 16
[  959.795139][ T5827] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  959.814041][ T5827] usb 3-1: config 0 has no interface number 0
[  959.831939][ T5827] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  959.882556][ T5827] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  959.928953][ T5827] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  959.969324][ T5827] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  960.179392][T14996] sd 0:0:1:0: device reset
[  960.739962][ T5827] usb 3-1: config 0 descriptor??
[  961.357180][ T5827] usb 3-1: can't set config #0, error -71
[  961.400797][ T5827] usb 3-1: USB disconnect, device number 53
[  964.757245][T15031] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2574'.
[  965.002764][  T788] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  965.149516][   T27] audit: type=1326 audit(1761790607.268:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15034 comm="syz.4.2577" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f12d8b8efc9 code=0x0
[  965.332454][  T788] usb 3-1: Using ep0 maxpacket: 16
[  965.358496][  T788] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  965.380305][  T788] usb 3-1: config 0 has no interface number 0
[  965.388001][  T788] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  965.399702][  T788] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  965.417135][  T788] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  965.447405][  T788] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  965.471336][  T788] usb 3-1: config 0 descriptor??
[  965.703595][T15046] nbd6: detected capacity change from 0 to 127
[  965.789367][T15046] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2580'.
[  965.814636][T15046] block nbd0: reconnected socket
[  965.819665][T15046] nbd: socks must be embedded in a SOCK_ITEM attr
[  965.861145][ T5795] block nbd6: Receive control failed (result -104)
[  965.871105][   T51] block nbd0: Receive control failed (result -32)
[  966.106552][  T788] usbhid 3-1:0.1: can't add hid device: -71
[  966.113070][  T788] usbhid: probe of 3-1:0.1 failed with error -71
[  966.121783][  T788] usb 3-1: USB disconnect, device number 54
[  967.322054][T15065] syz.2.2586 (15065) used greatest stack depth: 17960 bytes left
[  969.726402][T12710] block nbd6: Connection timed out, retrying (0/1 alive)
[  969.734312][T12710] block nbd6: Connection timed out, retrying (0/1 alive)
[  969.741436][T12710] block nbd6: Connection timed out, retrying (0/1 alive)
[  969.748683][T10179] block nbd6: Dead connection, failed to find a fallback
[  969.755792][T10179] block nbd6: shutting down sockets
[  969.761028][T10179] blk_print_req_error: 30 callbacks suppressed
[  969.761041][T10179] I/O error, dev nbd6, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  969.778360][T12710] block nbd6: Connection timed out, retrying (0/1 alive)
[  969.785737][T10179] buffer_io_error: 54 callbacks suppressed
[  969.785751][T10179] Buffer I/O error on dev nbd6, logical block 1, async page read
[  969.799472][T10179] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  969.808962][T10179] Buffer I/O error on dev nbd6, logical block 0, async page read
[  969.818998][T10179] I/O error, dev nbd6, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  969.828503][T10179] Buffer I/O error on dev nbd6, logical block 3, async page read
[  969.849853][T10179] I/O error, dev nbd6, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  969.859154][T10179] Buffer I/O error on dev nbd6, logical block 2, async page read
[  969.867254][T12710] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  969.876588][T12710] Buffer I/O error on dev nbd6, logical block 0, async page read
[  969.884451][T12710] Buffer I/O error on dev nbd6, logical block 1, async page read
[  969.892181][T12710] Buffer I/O error on dev nbd6, logical block 2, async page read
[  969.900017][T12710] Buffer I/O error on dev nbd6, logical block 3, async page read
[  969.907971][T12710] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  969.917228][T12710] Buffer I/O error on dev nbd6, logical block 0, async page read
[  969.925065][T12710] I/O error, dev nbd6, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[  969.934518][T12710] Buffer I/O error on dev nbd6, logical block 1, async page read
[  969.955683][T12107] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  969.973570][T12107] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  969.983095][T12107] I/O error, dev nbd6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  969.993967][ T8978] ldm_validate_partition_table(): Disk read failed.
[  970.014070][ T8978] Dev nbd6: unable to read RDB block 0
[  970.021346][ T8978]  nbd6: unable to read partition table
[  970.040270][ T8978] ldm_validate_partition_table(): Disk read failed.
[  970.048880][ T8978] Dev nbd6: unable to read RDB block 0
[  970.057191][ T8978]  nbd6: unable to read partition table
[  976.670461][T15199] bond1: option mode: unable to set because the bond device has slaves
[  976.749793][T15199] bond1: (slave macvlan3): Error -98 calling set_mac_address
[  980.705637][T15246] sd 0:0:1:0: device reset
[  981.499319][T15258] ceph: No mds server is up or the cluster is laggy
[  984.546702][T15294] sd 0:0:1:0: device reset
[  985.232856][   T51] Bluetooth: hci0: command 0x206a tx timeout
[  985.656890][T10663] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  986.609761][T10663] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  986.618965][T10663] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  986.628659][T15300] orangefs_mount: mount request failed with -4
[  986.635962][T10663] usb 4-1: config 0 descriptor??
[  986.652621][T10663] cp210x 4-1:0.0: cp210x converter detected
[  986.863855][T10663] cp210x 4-1:0.0: failed to get vendor val 0x370b size 1: -121
[  986.874448][T10663] cp210x 4-1:0.0: querying part number failed
[  986.898970][T15306] bridge0: port 2(bridge_slave_1) entered disabled state
[  986.909614][T10663] usb 4-1: cp210x converter now attached to ttyUSB0
[  986.953272][T15307] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2653'.
[  986.962250][T15307] bridge_slave_1: left allmulticast mode
[  987.007329][T15307] bridge0: port 2(bridge_slave_1) entered disabled state
[  987.053856][T15307] bridge_slave_0: left allmulticast mode
[  987.071344][T15307] bridge_slave_0: left promiscuous mode
[  987.082829][T15307] bridge0: port 1(bridge_slave_0) entered disabled state
[  987.786084][T15311] 8021q: adding VLAN 0 to HW filter on device bond1
[  987.849578][T15312] bond_slave_0: entered promiscuous mode
[  987.855357][T15312] bond_slave_1: entered promiscuous mode
[  987.878665][T15312] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  987.887966][T15312] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  988.175057][T10663] usb 4-1: USB disconnect, device number 45
[  988.186769][T10663] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  988.195385][T10663] cp210x 4-1:0.0: device disconnected
[  990.403876][T15341] orangefs_mount: mount request failed with -4
[  993.093082][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  993.099431][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  995.332064][T14087] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  995.663248][T15381] orangefs_mount: mount request failed with -4
[  995.876715][T14087] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  996.809473][T14087] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  997.138346][T14087] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  997.158017][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  997.196080][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  997.204698][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  997.213445][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  997.221158][   T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  997.230081][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  997.977635][T15415] ceph: No mds server is up or the cluster is laggy
[  998.072201][T15419] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2685'.
[  999.313101][   T51] Bluetooth: hci2: command tx timeout
[  999.676742][T15434] orangefs_mount: mount request failed with -4
[ 1000.591646][T15407] chnl_net:caif_netlink_parms(): no params data found
[ 1000.922549][   T23] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[ 1000.987965][T15462] futex_wake_op: syz.4.2694 tries to shift op by -1; fix this program
[ 1001.124586][   T23] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1001.144375][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1001.178226][   T23] usb 4-1: Product: syz
[ 1001.191702][   T23] usb 4-1: Manufacturer: syz
[ 1001.196762][   T23] usb 4-1: SerialNumber: syz
[ 1001.256812][T15407] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1001.282469][T15407] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1001.288307][   T23] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1001.295555][T15407] bridge_slave_0: entered allmulticast mode
[ 1001.359079][ T5841] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1001.399592][   T51] Bluetooth: hci2: command tx timeout
[ 1001.418396][T15407] bridge_slave_0: entered promiscuous mode
[ 1001.653083][T15407] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1001.660295][T15407] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1001.688325][T15407] bridge_slave_1: entered allmulticast mode
[ 1001.707587][T15407] bridge_slave_1: entered promiscuous mode
[ 1001.960268][ T5876] usb 4-1: USB disconnect, device number 46
[ 1002.654149][ T5841] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[ 1002.773940][ T5841] ath9k_htc: Failed to initialize the device
[ 1002.995498][ T5876] usb 4-1: ath9k_htc: USB layer deinitialized
[ 1003.275194][T15482] orangefs_mount: mount request failed with -4
[ 1003.353179][T15407] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1003.380487][T15407] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1003.472553][   T51] Bluetooth: hci2: command tx timeout
[ 1003.487455][T15494] futex_wake_op: syz.4.2702 tries to shift op by -1; fix this program
[ 1003.495852][ T5827] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[ 1003.810681][ T5827] usb 1-1: Using ep0 maxpacket: 16
[ 1003.818616][ T5827] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1003.847231][T15407] team0: Port device team_slave_0 added
[ 1003.867105][T15407] team0: Port device team_slave_1 added
[ 1003.922647][ T5827] usb 1-1: config 0 has no interfaces?
[ 1003.930200][ T5827] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1003.953499][ T5827] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1003.961540][ T5827] usb 1-1: Manufacturer: syz
[ 1004.003663][ T5827] usb 1-1: config 0 descriptor??
[ 1004.035158][T15407] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1004.053104][T15407] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1004.096243][T15407] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1004.139638][T15407] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1004.157195][T15407] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1004.205812][T15407] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1004.312246][ T5827] usb 1-1: USB disconnect, device number 35
[ 1004.364703][T15510] autofs4:pid:15510:autofs_fill_super: called with bogus options
[ 1004.645173][T15407] hsr_slave_0: entered promiscuous mode
[ 1004.667357][T15407] hsr_slave_1: entered promiscuous mode
[ 1004.703837][T15407] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1004.711448][T15407] Cannot create hsr debugfs directory
[ 1004.829811][T14087] hsr_slave_0: left promiscuous mode
[ 1004.919304][T14087] hsr_slave_1: left promiscuous mode
[ 1005.019370][T14087] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1005.054208][T14087] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1005.130776][T14087] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1005.210296][T14087] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1005.576060][T15522] orangefs_mount: mount request failed with -4
[ 1005.602710][   T51] Bluetooth: hci2: command tx timeout
[ 1005.671859][T14087] bridge_slave_1: left allmulticast mode
[ 1005.692502][T14087] bridge_slave_1: left promiscuous mode
[ 1005.698316][T14087] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1005.753695][T14087] bridge_slave_0: left allmulticast mode
[ 1005.759380][T14087] bridge_slave_0: left promiscuous mode
[ 1005.814433][T14087] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1006.055005][T15533] futex_wake_op: syz.4.2711 tries to shift op by -1; fix this program
[ 1006.102572][T14087] bond_slave_0: left promiscuous mode
[ 1006.107996][T14087] bond_slave_1: left promiscuous mode
[ 1006.155291][T14087] veth1_macvtap: left promiscuous mode
[ 1006.160867][T14087] veth0_macvtap: left promiscuous mode
[ 1006.173343][T14087] veth1_vlan: left promiscuous mode
[ 1006.178634][T14087] veth0_vlan: left promiscuous mode
[ 1006.538819][T15537] nbd7: detected capacity change from 0 to 127
[ 1006.545284][   T51] block nbd7: Wrong magic (0x989b4372)
[ 1006.564681][T14087] bond1 (unregistering): (slave macvlan2): Removing an active aggregator
[ 1006.571146][T15538] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2713'.
[ 1006.583190][T14087] bond1 (unregistering): (slave macvlan2): Releasing backup interface
[ 1006.598620][T12710] block nbd7: Dead connection, failed to find a fallback
[ 1006.605834][T12710] block nbd7: shutting down sockets
[ 1006.611040][T12710] blk_print_req_error: 118 callbacks suppressed
[ 1006.611051][T12710] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1006.627222][T12710] buffer_io_error: 138 callbacks suppressed
[ 1006.627234][T12710] Buffer I/O error on dev nbd7, logical block 0, async page read
[ 1006.641538][T12710] Buffer I/O error on dev nbd7, logical block 1, async page read
[ 1006.649792][T12710] Buffer I/O error on dev nbd7, logical block 2, async page read
[ 1006.658073][T12710] Buffer I/O error on dev nbd7, logical block 3, async page read
[ 1006.659388][T15538] block nbd0: reconnected socket
[ 1006.666362][T12710] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1006.680318][T12710] Buffer I/O error on dev nbd7, logical block 0, async page read
[ 1006.688908][T12710] Buffer I/O error on dev nbd7, logical block 1, async page read
[ 1006.697437][T12710] Buffer I/O error on dev nbd7, logical block 2, async page read
[ 1006.705470][T12710] Buffer I/O error on dev nbd7, logical block 3, async page read
[ 1006.714315][T12710] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1006.723695][T12710] Buffer I/O error on dev nbd7, logical block 0, async page read
[ 1006.731448][T12710] Buffer I/O error on dev nbd7, logical block 1, async page read
[ 1006.740238][T12710] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1006.743533][T15538] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1006.750002][T12710] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1006.765696][T12710] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1006.775376][T12710] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1006.786897][T12710] I/O error, dev nbd7, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[ 1006.796936][T12710] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1006.806783][T12710] I/O error, dev nbd7, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[ 1006.816723][ T8978] ldm_validate_partition_table(): Disk read failed.
[ 1006.825397][ T8978] Dev nbd7: unable to read RDB block 0
[ 1006.964613][   T51] block nbd0: Receive control failed (result -32)
[ 1006.991828][ T8978]  nbd7: unable to read partition table
[ 1007.217216][ T8978] ldm_validate_partition_table(): Disk read failed.
[ 1007.297629][ T8978] Dev nbd7: unable to read RDB block 0
[ 1007.317983][ T8978]  nbd7: unable to read partition table
[ 1008.029282][T14087] bond1 (unregistering): Released all slaves
[ 1010.201956][T15569] orangefs_mount: mount request failed with -4
[ 1010.269288][T14087] team0 (unregistering): Port device team_slave_1 removed
[ 1010.396216][T14087] team0 (unregistering): Port device team_slave_0 removed
[ 1010.485828][T14087] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1010.601816][T14087] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1011.326965][T14087] bond0 (unregistering): Released all slaves
[ 1011.540970][T15574] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1011.589695][T15575] bond_slave_0: entered promiscuous mode
[ 1011.595443][T15575] bond_slave_1: entered promiscuous mode
[ 1011.613615][T15575] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1011.632216][T15575] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[ 1014.268645][T15597] orangefs_mount: mount request failed with -4
[ 1014.284816][T14087] IPVS: stop unused estimator thread 0...
[ 1014.492268][T15407] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1014.513237][T15407] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1014.537865][T15407] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1014.576769][T15407] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1014.655487][    T9] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 1015.282546][    T9] usb 1-1: Using ep0 maxpacket: 32
[ 1015.298065][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1015.326611][T15407] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1015.334357][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1015.369945][    T9] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1015.405961][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1015.416973][T15407] 8021q: adding VLAN 0 to HW filter on device team0
[ 1015.453715][    T9] usb 1-1: config 0 descriptor??
[ 1015.464966][T14093] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1015.472127][T14093] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1015.529756][T14112] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1015.536975][T14112] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1015.660755][T15407] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1016.582920][    T9] savu 0003:1E7D:2D5A.000A: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[ 1016.624377][    T9] usb 1-1: USB disconnect, device number 36
[ 1016.959962][T15640] fido_id[15640]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[ 1017.473185][ T5795] Bluetooth: hci4: command 0x206a tx timeout
[ 1017.780207][T15407] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1018.187056][T15662] futex_wake_op: syz.4.2739 tries to shift op by -1; fix this program
[ 1018.343669][T15407] veth0_vlan: entered promiscuous mode
[ 1018.374603][T15407] veth1_vlan: entered promiscuous mode
[ 1018.622078][T15407] veth0_macvtap: entered promiscuous mode
[ 1018.634515][T15407] veth1_macvtap: entered promiscuous mode
[ 1018.696455][T15407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1018.730030][T15407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1018.762852][T15407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1018.796090][T15407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1018.819046][T15407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1018.839781][T15407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1018.870175][T15407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1018.901689][T15407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1018.921532][T15407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1018.949548][T15407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1018.969806][T15407] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1019.008377][T15680] bond1: option mode: unable to set because the bond device has slaves
[ 1019.046945][T15683] bond1: (slave macvlan3): Error -98 calling set_mac_address
[ 1019.122585][ T5827] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 1019.130843][T15407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1019.147983][T15407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1019.174408][T15407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1019.196771][T15407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1019.216956][T15407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1019.239307][T15407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1019.263602][T15407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1019.279318][T15407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1019.290445][T15407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1019.301351][T15407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1019.314943][ T5827] usb 1-1: Using ep0 maxpacket: 32
[ 1019.332256][T15407] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1019.352813][ T5827] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1019.394025][ T5827] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1019.406279][T15407] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1019.426565][ T5827] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1019.445993][ T5827] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1019.452365][T15407] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1019.482697][T15407] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1019.483224][ T5827] usb 1-1: config 0 descriptor??
[ 1019.491415][T15407] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1020.256909][ T1129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1020.407685][ T1129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1020.501742][ T5827] savu 0003:1E7D:2D5A.000B: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[ 1020.546184][ T5827] usb 1-1: USB disconnect, device number 37
[ 1020.703202][T14091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1020.732744][T14091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1020.755601][T15696] fido_id[15696]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[ 1022.657288][T15722] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1023.063967][T15728] bond_slave_0: entered promiscuous mode
[ 1023.069759][T15728] bond_slave_1: entered promiscuous mode
[ 1023.123837][T15728] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1023.153175][T15728] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[ 1024.192634][ T5795] Bluetooth: hci1: command 0x0406 tx timeout
[ 1025.418842][T15767] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2760'.
[ 1028.383301][T15791] trusted_key: syz.0.2765 sent an empty control message without MSG_MORE.
[ 1029.718744][T15814] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2771'.
[ 1032.373203][T15831] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[ 1032.823909][T10663] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[ 1032.894373][T15846] netlink: 'syz.3.2782': attribute type 5 has an invalid length.
[ 1032.919827][T15846] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1032.929376][T15846] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1032.938192][T15846] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1032.947001][T15846] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1033.040810][T15846] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1033.050190][T15846] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1033.059509][T15846] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1033.068627][T15846] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1033.077668][T10663] usb 5-1: device descriptor read/64, error -71
[ 1033.382752][T10663] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[ 1033.409748][T15856] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2783'.
[ 1033.558710][T10663] usb 5-1: device descriptor read/64, error -71
[ 1034.022573][T10663] usb usb5-port1: attempt power cycle
[ 1034.492495][T10663] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[ 1034.668117][T10663] usb 5-1: device descriptor read/8, error -71
[ 1035.422933][T15878] ceph: No mds server is up or the cluster is laggy
[ 1035.628859][ T5827] libceph: connect (1)[c::]:6789 error -101
[ 1035.687973][ T5827] libceph: mon0 (1)[c::]:6789 connect error
[ 1036.791021][T15891] orangefs_mount: mount request failed with -4
[ 1039.377459][ T5841] libceph: connect (1)[c::]:6789 error -101
[ 1039.438521][T15942] ceph: No mds server is up or the cluster is laggy
[ 1039.529252][ T5841] libceph: mon0 (1)[c::]:6789 connect error
[ 1039.964770][ T5827] libceph: connect (1)[c::]:6789 error -101
[ 1039.993317][ T5827] libceph: mon0 (1)[c::]:6789 connect error
[ 1040.203470][T15949] tipc: Started in network mode
[ 1040.208486][T15949] tipc: Node identity 7f000001, cluster identity 4711
[ 1040.232994][T15949] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1040.595623][T15936] orangefs_mount: mount request failed with -4
[ 1040.626399][   T51] Bluetooth: hci4: SCO packet for unknown connection handle 201
[ 1041.162695][T10663] usb 4-1: new full-speed USB device number 47 using dummy_hcd
[ 1042.006724][  T789] tipc: Node number set to 2130706433
[ 1042.125702][T10663] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1042.148329][T10663] usb 4-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1042.179772][T10663] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1042.238641][T10663] usb 4-1: config 0 descriptor??
[ 1043.013109][T15994] ceph: No mds server is up or the cluster is laggy
[ 1043.102850][T10663] elan 0003:04F3:0755.000C: unknown main item tag 0x0
[ 1043.109698][T10663] elan 0003:04F3:0755.000C: unknown main item tag 0x0
[ 1043.216715][T10663] elan 0003:04F3:0755.000C: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.3-1/input0
[ 1043.387282][T10663] usb 4-1: USB disconnect, device number 47
[ 1043.713930][T16015] bond1: option mode: unable to set because the bond device is up
[ 1043.731328][T16015] bond_slave_0: entered promiscuous mode
[ 1043.737109][T16015] bond_slave_1: entered promiscuous mode
[ 1043.742843][T16015] syz_tun: entered promiscuous mode
[ 1043.749029][T16015] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1043.756683][T16015] bond1: (slave macvlan2): speed changed to 0 on port 1
[ 1043.773111][T16015] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[ 1043.981224][T16001] orangefs_mount: mount request failed with -4
[ 1044.101873][T16025] overlayfs: failed to clone upperpath
[ 1044.292425][T10663] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 1045.118629][T10663] usb 5-1: Using ep0 maxpacket: 32
[ 1045.126566][T10663] usb 5-1: config 0 has an invalid interface number: 233 but max is 0
[ 1045.152626][T10663] usb 5-1: config 0 has no interface number 0
[ 1045.169886][T10663] usb 5-1: New USB device found, idVendor=1608, idProduct=0302, bcdDevice=d3.4f
[ 1045.193858][T10663] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1045.213015][T10663] usb 5-1: Product: syz
[ 1045.217319][T10663] usb 5-1: Manufacturer: syz
[ 1045.221933][T10663] usb 5-1: SerialNumber: syz
[ 1045.243472][T10663] usb 5-1: config 0 descriptor??
[ 1045.385784][T10663] io_ti 5-1:0.233: required endpoints missing
[ 1045.593385][ T5827] usb 5-1: USB disconnect, device number 13
[ 1045.740828][T16050] bond1: option mode: unable to set because the bond device has slaves
[ 1045.758779][T16050] bond1: (slave macvlan3): Error -98 calling set_mac_address
[ 1046.297673][T16055] overlayfs: failed to clone upperpath
[ 1046.653165][T16053] orangefs_mount: mount request failed with -4
[ 1050.311453][T16117] orangefs_mount: mount request failed with -4
[ 1051.952561][T12628] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[ 1052.195214][T12628] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1052.213238][T12628] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1052.243193][T12628] usb 4-1: config 0 descriptor??
[ 1052.254908][T12628] cp210x 4-1:0.0: cp210x converter detected
[ 1053.283262][T12628] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32
[ 1053.320552][T12628] cp210x 4-1:0.0: failed to get vendor val 0x3711 size 2: -32
[ 1053.352498][T12628] cp210x 4-1:0.0: GPIO initialisation failed: -32
[ 1053.382766][T12628] usb 4-1: cp210x converter now attached to ttyUSB0
[ 1053.417440][T12628] usb 4-1: USB disconnect, device number 48
[ 1053.455828][T12628] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1053.500491][T12628] cp210x 4-1:0.0: device disconnected
[ 1054.065535][T16180] ceph: No mds server is up or the cluster is laggy
[ 1054.081915][ T5827] libceph: connect (1)[c::]:6789 error -101
[ 1054.197675][ T5827] libceph: mon0 (1)[c::]:6789 connect error
[ 1054.555346][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.572618][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 1059.183796][T16245] ceph: No mds server is up or the cluster is laggy
[ 1059.195372][T16215] libceph: connect (1)[c::]:6789 error -101
[ 1059.298893][T16215] libceph: mon0 (1)[c::]:6789 connect error
[ 1062.306449][   T23] libceph: connect (1)[c::]:6789 error -101
[ 1062.365656][T16294] ceph: No mds server is up or the cluster is laggy
[ 1062.573688][   T23] libceph: mon0 (1)[c::]:6789 connect error
[ 1066.992517][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[ 1067.422505][T16385] sd 0:0:1:0: device reset
[ 1067.627559][   T51] Bluetooth: hci1: ACL packet for unknown connection handle 201
[ 1069.163115][T16405] ceph: No mds server is up or the cluster is laggy
[ 1069.214263][   T23] libceph: connect (1)[c::]:6789 error -101
[ 1069.220328][   T23] libceph: mon0 (1)[c::]:6789 connect error
[ 1081.549544][T16569] overlayfs: failed to clone upperpath
[ 1086.309233][T16620] netlink: 'syz.0.2977': attribute type 10 has an invalid length.
[ 1086.342454][T16620] netlink: 55 bytes leftover after parsing attributes in process `syz.0.2977'.
[ 1089.805549][ T5827] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 1090.014770][ T5827] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1090.044657][ T5827] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1090.081644][   T27] audit: type=1326 audit(1761790732.308:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16650 comm="syz.4.2987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12d8b8efc9 code=0x7ffc0000
[ 1090.134235][ T5827] usb 1-1: config 0 descriptor??
[ 1090.144734][ T5827] cp210x 1-1:0.0: cp210x converter detected
[ 1090.151290][   T27] audit: type=1326 audit(1761790732.308:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16650 comm="syz.4.2987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12d8b8efc9 code=0x7ffc0000
[ 1090.151335][   T27] audit: type=1326 audit(1761790732.348:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16650 comm="syz.4.2987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7f12d8b8efc9 code=0x7ffc0000
[ 1090.151372][   T27] audit: type=1326 audit(1761790732.348:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16650 comm="syz.4.2987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12d8b8efc9 code=0x7ffc0000
[ 1090.151407][   T27] audit: type=1326 audit(1761790732.348:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16650 comm="syz.4.2987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12d8b8efc9 code=0x7ffc0000
[ 1090.641383][ T5827] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[ 1090.723779][ T5827] cp210x 1-1:0.0: failed to get vendor val 0x3711 size 2: -121
[ 1090.779995][ T5827] cp210x 1-1:0.0: GPIO initialisation failed: -121
[ 1091.005336][ T5827] usb 1-1: cp210x converter now attached to ttyUSB0
[ 1091.026030][ T5827] usb 1-1: USB disconnect, device number 38
[ 1091.040098][ T5827] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1091.081831][ T5827] cp210x 1-1:0.0: device disconnected
[ 1105.131158][T16778] capability: warning: `syz.3.3023' uses 32-bit capabilities (legacy support in use)
[ 1107.587567][T16796] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3032'.
[ 1108.127912][T16803] input: syz0 as /devices/virtual/input/input15
[ 1112.417020][   T27] audit: type=1326 audit(1761790754.648:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16842 comm="syz.5.3045" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f19b438efc9 code=0x0
[ 1115.970276][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.977334][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 1117.718847][T16894] mmap: syz.4.3063 (16894) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 1117.884054][T16906] overlayfs: failed to resolve './file0': -2
[ 1117.963414][T16905] nbd8: detected capacity change from 0 to 127
[ 1117.970492][   T51] block nbd8: Wrong magic (0x98bce83d)
[ 1118.130510][T16908] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3068'.
[ 1118.148292][T12710] block nbd8: Dead connection, failed to find a fallback
[ 1118.155531][T12710] block nbd8: shutting down sockets
[ 1118.160747][T12710] blk_print_req_error: 52 callbacks suppressed
[ 1118.160755][T12710] I/O error, dev nbd8, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1118.176338][T12710] buffer_io_error: 138 callbacks suppressed
[ 1118.176346][T12710] Buffer I/O error on dev nbd8, logical block 0, async page read
[ 1118.190229][T12710] Buffer I/O error on dev nbd8, logical block 1, async page read
[ 1118.198308][T12710] Buffer I/O error on dev nbd8, logical block 2, async page read
[ 1118.206705][T12710] Buffer I/O error on dev nbd8, logical block 3, async page read
[ 1118.217078][T12710] I/O error, dev nbd8, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1118.226254][T12710] Buffer I/O error on dev nbd8, logical block 0, async page read
[ 1118.234762][T12710] Buffer I/O error on dev nbd8, logical block 1, async page read
[ 1118.245971][T12710] Buffer I/O error on dev nbd8, logical block 2, async page read
[ 1118.254252][T12710] Buffer I/O error on dev nbd8, logical block 3, async page read
[ 1118.263639][T12710] I/O error, dev nbd8, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1118.273260][T12710] Buffer I/O error on dev nbd8, logical block 0, async page read
[ 1118.281205][T12710] Buffer I/O error on dev nbd8, logical block 1, async page read
[ 1118.290803][T12710] I/O error, dev nbd8, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1118.301002][T12710] I/O error, dev nbd8, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1118.312098][T12710] I/O error, dev nbd8, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1118.322778][T12710] I/O error, dev nbd8, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1118.333291][T12710] I/O error, dev nbd8, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1118.343436][T12710] I/O error, dev nbd8, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1118.353523][T12710] I/O error, dev nbd8, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1118.369122][T16895] ldm_validate_partition_table(): Disk read failed.
[ 1118.454065][T16895] Dev nbd8: unable to read RDB block 0
[ 1118.580936][T16895]  nbd8: unable to read partition table
[ 1118.668112][T16908] block nbd0: reconnected socket
[ 1118.693650][T16895] ldm_validate_partition_table(): Disk read failed.
[ 1118.712764][T16908] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1118.729911][T16895] Dev nbd8: unable to read RDB block 0
[ 1118.737371][   T51] block nbd0: Receive control failed (result -32)
[ 1118.764700][T16895]  nbd8: unable to read partition table
[ 1119.410482][T16934] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3075'.
[ 1122.967906][T16970] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3089'.
[ 1123.168063][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[ 1124.419132][T16990] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3094'.
[ 1126.812662][T17017] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3103'.
[ 1128.809349][T17035] overlayfs: failed to resolve './file1': -2
[ 1130.686108][ T5795] Bluetooth: hci4: ACL packet for unknown connection handle 201
[ 1132.260302][T17068] overlayfs: failed to resolve './file1': -2
[ 1135.223174][T17100] netlink: 'syz.0.3131': attribute type 10 has an invalid length.
[ 1135.758689][T17100] bond1: (slave macvlan3): Error -98 calling set_mac_address
[ 1135.948595][T17107] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3132'.
[ 1142.202979][T10663] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 1142.423691][T10663] usb 1-1: Using ep0 maxpacket: 16
[ 1142.433266][T10663] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1142.454174][T10663] usb 1-1: config 0 has no interface number 0
[ 1142.474107][T10663] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1142.496864][T10663] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1142.511937][T10663] usb 1-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1142.532157][T10663] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1142.682845][T10663] usb 1-1: config 0 descriptor??
[ 1143.226865][T10663] usbhid 1-1:0.1: can't add hid device: -71
[ 1143.305675][T10663] usbhid: probe of 1-1:0.1 failed with error -71
[ 1143.353780][T10663] usb 1-1: USB disconnect, device number 39
[ 1143.537079][T17201] netlink: 76 bytes leftover after parsing attributes in process `syz.4.3161'.
[ 1143.956541][T17208] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3162'.
[ 1148.128992][T17249] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3174'.
[ 1149.107739][T17263] sd 0:0:1:0: device reset
[ 1152.501474][T17304] blktrace: Concurrent blktraces are not allowed on loop10
[ 1152.605527][T17307] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3192'.
[ 1153.479525][T17309] netlink: 'syz.4.3195': attribute type 10 has an invalid length.
[ 1153.570783][T17311] bond1: option mode: unable to set because the bond device has slaves
[ 1156.270677][T17344] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3204'.
[ 1157.040097][T17354] netlink: 'syz.5.3208': attribute type 10 has an invalid length.
[ 1157.251472][T17354] syz_tun: entered promiscuous mode
[ 1157.280458][T17354] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[ 1157.311305][T17356] bond1: option mode: unable to set because the bond device has slaves
[ 1158.241910][T17355] orangefs_mount: mount request failed with -4
[ 1159.863268][T17379] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3215'.
[ 1160.271371][T17381] overlayfs: missing 'workdir'
[ 1163.713451][T17411] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3225'.
[ 1164.316909][T17404] orangefs_mount: mount request failed with -4
[ 1165.877398][T17441] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3236'.
[ 1166.540869][T17435] orangefs_mount: mount request failed with -4
[ 1167.987592][T17449] ceph: No mds server is up or the cluster is laggy
[ 1169.300729][T17475] netlink: 'syz.5.3245': attribute type 2 has an invalid length.
[ 1170.187820][T17470] orangefs_mount: mount request failed with -4
[ 1173.072906][T17505] orangefs_mount: mount request failed with -4
[ 1174.320500][ T5795] Bluetooth: hci1: ACL packet for unknown connection handle 201
[ 1175.395714][T17544] orangefs_mount: mount request failed with -4
[ 1175.601271][ T5795] Bluetooth: hci2: unexpected event for opcode 0x1004
[ 1176.691104][T17568] overlayfs: failed to resolve './file1/file0': -2
[ 1177.451212][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.458021][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 1178.148928][T17576] orangefs_mount: mount request failed with -4
[ 1178.212804][T17585] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3283'.
[ 1178.494690][T17592] nbd9: detected capacity change from 0 to 127
[ 1178.506841][ T5795] block nbd9: Wrong magic (0x989b4372)
[ 1178.632580][T17598] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3286'.
[ 1178.649446][T17598] block nbd0: reconnected socket
[ 1178.657217][T17598] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1178.844560][T12107] block nbd9: Dead connection, failed to find a fallback
[ 1178.851719][T12107] block nbd9: shutting down sockets
[ 1178.857424][ T5795] block nbd0: Receive control failed (result -32)
[ 1178.864229][T12107] blk_print_req_error: 83 callbacks suppressed
[ 1178.864241][T12107] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1178.879927][T12107] buffer_io_error: 138 callbacks suppressed
[ 1178.879959][T12107] Buffer I/O error on dev nbd9, logical block 0, async page read
[ 1178.894076][T12107] Buffer I/O error on dev nbd9, logical block 1, async page read
[ 1178.901914][T12107] Buffer I/O error on dev nbd9, logical block 2, async page read
[ 1178.909990][T12107] Buffer I/O error on dev nbd9, logical block 3, async page read
[ 1178.925092][T12107] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1178.935870][T12107] Buffer I/O error on dev nbd9, logical block 0, async page read
[ 1178.944191][T12107] I/O error, dev nbd9, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[ 1178.953666][T12107] Buffer I/O error on dev nbd9, logical block 1, async page read
[ 1178.961542][T12107] Buffer I/O error on dev nbd9, logical block 2, async page read
[ 1178.969451][T12107] Buffer I/O error on dev nbd9, logical block 3, async page read
[ 1178.978238][T12107] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1178.987811][T12107] Buffer I/O error on dev nbd9, logical block 0, async page read
[ 1178.996274][T12107] I/O error, dev nbd9, sector 2 op 0x0:(READ) flags 0x0 phys_seg 2 prio class 2
[ 1179.005691][T12107] Buffer I/O error on dev nbd9, logical block 1, async page read
[ 1179.013972][T12107] I/O error, dev nbd9, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1179.024181][T12107] I/O error, dev nbd9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1179.034782][T12107] I/O error, dev nbd9, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1179.044592][T12107] I/O error, dev nbd9, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1179.054986][T12107] I/O error, dev nbd9, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1179.087056][T17419] ldm_validate_partition_table(): Disk read failed.
[ 1179.271049][T17419] Dev nbd9: unable to read RDB block 0
[ 1179.295539][T17419]  nbd9: unable to read partition table
[ 1179.320554][T17419] ldm_validate_partition_table(): Disk read failed.
[ 1179.363536][T17419] Dev nbd9: unable to read RDB block 0
[ 1179.394000][T17419]  nbd9: unable to read partition table
[ 1179.634638][ T5795] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1179.662738][ T5795] Bluetooth: hci2: Injecting HCI hardware error event
[ 1179.672747][T17603] Bluetooth: hci2: hardware error 0x00
[ 1180.806960][T17617] orangefs_mount: mount request failed with -4
[ 1181.119309][T17638] nbd10: detected capacity change from 0 to 127
[ 1181.120025][ T5795] block nbd10: Wrong magic (0x989b4372)
[ 1181.164150][T12107] block nbd10: Dead connection, failed to find a fallback
[ 1181.171412][T12107] block nbd10: shutting down sockets
[ 1181.179436][T17639] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3299'.
[ 1181.184446][T17419] ldm_validate_partition_table(): Disk read failed.
[ 1181.203647][T17419] Dev nbd10: unable to read RDB block 0
[ 1181.213404][T17639] block nbd0: reconnected socket
[ 1181.218405][T17639] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1181.234107][ T5795] block nbd0: Receive control failed (result -32)
[ 1181.277134][T17419]  nbd10: unable to read partition table
[ 1181.443320][T17419] ldm_validate_partition_table(): Disk read failed.
[ 1181.556558][T17419] Dev nbd10: unable to read RDB block 0
[ 1182.353390][T17647] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[ 1182.366561][T17603] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1182.484643][T17419]  nbd10: unable to read partition table
[ 1183.326950][T17668] overlayfs: missing 'lowerdir'
[ 1184.247987][T17667] orangefs_mount: mount request failed with -4
[ 1185.072796][T17603] Bluetooth: hci0: Opcode 0x206a failed: -110
[ 1185.089735][T17603] Bluetooth: hci0: command 0x206a tx timeout
[ 1189.072642][ T5795] Bluetooth: hci4: command 0x206a tx timeout
[ 1189.078802][T17603] Bluetooth: hci4: Opcode 0x206a failed: -110
[ 1191.375781][T17769] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[ 1191.872573][ T5795] Bluetooth: hci4: Opcode 0x206a failed: -110
[ 1191.891973][ T5795] Bluetooth: hci4: command 0x206a tx timeout
[ 1192.775903][T17797] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3346'.
[ 1194.347650][T17813] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[ 1194.723790][T17826] netlink: 'syz.4.3353': attribute type 10 has an invalid length.
[ 1194.743480][T17826] bond1: option mode: unable to set because the bond device has slaves
[ 1195.102480][ T5795] Bluetooth: hci4: command 0x206a tx timeout
[ 1195.449397][T17603] Bluetooth: hci4: Opcode 0x206a failed: -110
[ 1195.890866][T17832] netlink: 1624 bytes leftover after parsing attributes in process `syz.3.3356'.
[ 1196.349368][  T789] hid-generic 0000:0003:0001.000D: unknown main item tag 0x0
[ 1196.377585][  T789] hid-generic 0000:0003:0001.000D: unknown main item tag 0x0
[ 1196.423780][  T789] hid-generic 0000:0003:0001.000D: hidraw0: <UNKNOWN> HID v0.03 Device [syz0] on syz1
[ 1196.721198][T17845] fido_id[17845]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1197.150817][T17852] ceph: No mds server is up or the cluster is laggy
[ 1197.609146][T17862] netlink: 'syz.3.3363': attribute type 10 has an invalid length.
[ 1197.656537][T17862] syz_tun: entered promiscuous mode
[ 1197.684159][T17862] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[ 1197.702865][T17866] bond1: option mode: unable to set because the bond device has slaves
[ 1198.579121][ T5795] Bluetooth: hci1: Opcode 0x206a failed: -110
[ 1198.586529][T17603] Bluetooth: hci1: command 0x0406 tx timeout
[ 1198.952270][T17874] netlink: 1624 bytes leftover after parsing attributes in process `syz.3.3366'.
[ 1200.294417][T17896] netlink: 'syz.0.3374': attribute type 10 has an invalid length.
[ 1200.321154][T17896] bond1: option mode: unable to set because the bond device has slaves
[ 1200.471208][T17899] netlink: 1624 bytes leftover after parsing attributes in process `syz.5.3377'.
[ 1200.906772][ T5827] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 1201.466880][ T5827] usb 1-1: New USB device found, idVendor=05ac, idProduct=0290, bcdDevice=dc.1b
[ 1201.472461][T17603] Bluetooth: hci0: Opcode 0x206a failed: -110
[ 1201.482214][T17603] Bluetooth: hci0: command 0x206a tx timeout
[ 1201.502641][ T5827] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1201.713622][ T5827] usb 1-1: config 0 descriptor??
[ 1201.732104][ T5827] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input16
[ 1201.955012][T12628] usb 1-1: USB disconnect, device number 40
[ 1201.988429][T17929] netlink: 'syz.5.3386': attribute type 10 has an invalid length.
[ 1202.055471][T17929] bond1: option mode: unable to set because the bond device has slaves
[ 1202.676550][T17946] netlink: 'syz.5.3395': attribute type 10 has an invalid length.
[ 1202.715534][T17946] bond1: option mode: unable to set because the bond device has slaves
[ 1203.873058][ T5795] Bluetooth: hci1: command 0x0406 tx timeout
[ 1203.879233][T17603] Bluetooth: hci1: Opcode 0x206a failed: -110
[ 1207.265010][T18018] netlink: 'syz.0.3417': attribute type 10 has an invalid length.
[ 1207.326720][T18018] bond1: option mode: unable to set because the bond device has slaves
[ 1208.816366][T18059] netlink: 'syz.4.3431': attribute type 10 has an invalid length.
[ 1208.837405][T18059] bond1: option mode: unable to set because the bond device has slaves
[ 1210.876002][T18087] netlink: 'syz.4.3440': attribute type 10 has an invalid length.
[ 1211.085188][T18087] bond1: option mode: unable to set because the bond device has slaves
[ 1215.429534][T18125] netlink: 'syz.3.3452': attribute type 10 has an invalid length.
[ 1215.480400][T18125] bond1: option mode: unable to set because the bond device has slaves
[ 1223.126647][T18237] blktrace: Concurrent blktraces are not allowed on loop10
[ 1224.538332][T18262] ceph: No mds server is up or the cluster is laggy
[ 1224.548121][ T5876] libceph: connect (1)[c::]:6789 error -101
[ 1224.612506][ T5876] libceph: mon0 (1)[c::]:6789 connect error
[ 1226.521380][T18290] overlayfs: failed to clone lowerpath
[ 1226.577064][T18291] overlayfs: failed to clone lowerpath
[ 1227.882143][T18306] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3511'.
[ 1235.836396][T18383] orangefs_mount: mount request failed with -4
[ 1238.792458][ T5876] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[ 1238.848790][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.855211][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.593868][ T5876] usb 1-1: Using ep0 maxpacket: 32
[ 1239.612627][ T5876] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1239.745373][ T5876] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1239.757364][ T5876] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[ 1239.766736][ T5876] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1239.777243][ T5876] usb 1-1: config 0 descriptor??
[ 1240.318774][T18457] overlayfs: failed to clone upperpath
[ 1241.872422][ T5795] Bluetooth: hci4: command 0x206a tx timeout
[ 1241.878584][T17603] Bluetooth: hci4: Opcode 0x206a failed: -110
[ 1241.932870][ T5876] kone 0003:1E7D:2CED.000E: hidraw0: USB HID v0.00 Device [HID 1e7d:2ced] on usb-dummy_hcd.0-1/input0
[ 1242.062205][ T5876] kone 0003:1E7D:2CED.000E: couldn't init struct kone_device
[ 1242.072437][ T5876] kone 0003:1E7D:2CED.000E: couldn't install mouse
[ 1242.080657][ T5876] kone: probe of 0003:1E7D:2CED.000E failed with error -5
[ 1242.091057][ T5876] usb 1-1: USB disconnect, device number 41
[ 1242.217505][T18466] fido_id[18466]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[ 1244.138992][T18509] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3576'.
[ 1244.993036][ T5795] Bluetooth: hci4: command 0x206a tx timeout
[ 1244.999191][T17603] Bluetooth: hci4: Opcode 0x206a failed: -110
[ 1247.176280][T18535] nbd11: detected capacity change from 0 to 127
[ 1247.183715][ T5795] block nbd11: Wrong magic (0x989b4372)
[ 1247.193246][T18542] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3585'.
[ 1247.242542][T12710] block nbd11: Dead connection, failed to find a fallback
[ 1247.249718][T12710] block nbd11: shutting down sockets
[ 1247.255430][T12710] blk_print_req_error: 186 callbacks suppressed
[ 1247.255441][T12710] I/O error, dev nbd11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1247.271638][T18542] block nbd0: reconnected socket
[ 1247.272132][T12710] buffer_io_error: 286 callbacks suppressed
[ 1247.272143][T12710] Buffer I/O error on dev nbd11, logical block 0, async page read
[ 1247.291252][T12710] Buffer I/O error on dev nbd11, logical block 1, async page read
[ 1247.302566][T12710] Buffer I/O error on dev nbd11, logical block 2, async page read
[ 1247.302954][T18542] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1247.310404][T12710] Buffer I/O error on dev nbd11, logical block 3, async page read
[ 1247.310719][T12710] I/O error, dev nbd11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1247.335052][T12710] Buffer I/O error on dev nbd11, logical block 0, async page read
[ 1247.343036][T12710] Buffer I/O error on dev nbd11, logical block 1, async page read
[ 1247.350893][T12710] Buffer I/O error on dev nbd11, logical block 2, async page read
[ 1247.358913][T12710] Buffer I/O error on dev nbd11, logical block 3, async page read
[ 1247.367174][T12710] I/O error, dev nbd11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1247.376813][T12710] Buffer I/O error on dev nbd11, logical block 0, async page read
[ 1247.385221][T12710] Buffer I/O error on dev nbd11, logical block 1, async page read
[ 1247.393504][T12710] I/O error, dev nbd11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1247.403559][T12710] I/O error, dev nbd11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1247.413177][T12710] I/O error, dev nbd11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1247.422708][T12710] I/O error, dev nbd11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1247.432178][T12710] I/O error, dev nbd11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1247.442475][T18521] ldm_validate_partition_table(): Disk read failed.
[ 1247.449672][T12710] I/O error, dev nbd11, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1247.459241][T12710] I/O error, dev nbd11, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[ 1247.464932][ T5795] block nbd0: Receive control failed (result -32)
[ 1247.469686][T18521] Dev nbd11: unable to read RDB block 0
[ 1247.478361][T17603] Bluetooth: hci1: Opcode 0x206a failed: -110
[ 1247.482756][T18521]  nbd11: unable to read partition table
[ 1247.487071][T17603] Bluetooth: hci1: command 0x0406 tx timeout
[ 1247.504035][T18521] ldm_validate_partition_table(): Disk read failed.
[ 1247.512584][T18521] Dev nbd11: unable to read RDB block 0
[ 1247.519240][T18521]  nbd11: unable to read partition table
[ 1255.152919][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[ 1255.160633][T18546] Bluetooth: hci1: Opcode 0x206a failed: -110
[ 1258.945308][T18648] autofs4:pid:18648:autofs_fill_super: called with bogus options
[ 1259.319990][   T27] audit: type=1326 audit(2000000020.880:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18660 comm="syz.4.3622" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f12d8b8efc9 code=0x0
[ 1259.682575][ T5998] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[ 1259.874704][ T5998] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1259.884674][ T5998] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1259.895556][ T5998] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1259.908585][ T5998] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1259.926021][ T5998] usb 1-1: Product: syz
[ 1259.931368][ T5998] usb 1-1: Manufacturer: syz
[ 1259.939527][ T5998] usb 1-1: SerialNumber: syz
[ 1259.954653][ T5998] usb 1-1: config 0 descriptor??
[ 1259.971539][ T5998] usb 1-1: selecting invalid altsetting 0
[ 1260.123187][T18546] Bluetooth: hci1: Opcode 0x206a failed: -110
[ 1260.129413][T18546] Bluetooth: hci1: command 0x0406 tx timeout
[ 1260.218216][T16215] usb 1-1: USB disconnect, device number 42
[ 1262.576011][T18720] binder: 18716:18720 ioctl 40182103 200000000300 returned -22
[ 1264.809781][T18744] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3646'.
[ 1264.833547][T18747] netlink: 204 bytes leftover after parsing attributes in process `syz.4.3645'.
[ 1270.444460][T18822] overlayfs: failed to resolve './file1/file0': -2
[ 1273.506102][T18857] genirq: Flags mismatch irq 7. 00000000 (ttyS3) vs. 00000000 (comedi_parport)
[ 1275.452863][T18872] overlayfs: failed to resolve './file1/file0': -2
[ 1276.887105][T18892] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3692'.
[ 1279.617022][T18940] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3706'.
[ 1280.247527][T14086] usb 1-1: new full-speed USB device number 43 using dummy_hcd
[ 1280.507239][T14086] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1280.517040][T14086] usb 1-1: not running at top speed; connect to a high speed hub
[ 1280.541046][T14086] usb 1-1: config 3 has an invalid interface number: 229 but max is 0
[ 1280.610174][T14086] usb 1-1: config 3 has no interface number 0
[ 1280.616946][T14086] usb 1-1: config 3 interface 229 altsetting 10 has 0 endpoint descriptors, different from the interface descriptor's value: 15
[ 1280.630263][T14086] usb 1-1: config 3 interface 229 has no altsetting 0
[ 1280.649384][T14086] usb 1-1: New USB device found, idVendor=0bc3, idProduct=0001, bcdDevice=58.b1
[ 1280.667889][T14086] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1280.690655][T14086] usb 1-1: Product: syz
[ 1280.710140][T14086] usb 1-1: Manufacturer: syz
[ 1280.725800][T14086] usb 1-1: SerialNumber: syz
[ 1280.871235][T18951] overlayfs: failed to resolve './file1/file0': -2
[ 1283.934283][T14086] ipw 1-1:3.229: IPWireless converter converter detected
[ 1283.982869][T14086] usb 1-1: USB disconnect, device number 43
[ 1284.036346][T14086] ipw 1-1:3.229: device disconnected
[ 1284.643835][T18972] orangefs_mount: mount request failed with -4
[ 1288.124029][T19023] overlayfs: failed to resolve './file1/file0': -2
[ 1289.023574][T19010] orangefs_mount: mount request failed with -4
[ 1292.159327][T19075] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3753'.
[ 1292.784854][T19065] orangefs_mount: mount request failed with -4
[ 1293.679516][ T5827] hid-generic 0000:0003:0001.000F: unknown main item tag 0x0
[ 1293.702218][ T5827] hid-generic 0000:0003:0001.000F: unknown main item tag 0x0
[ 1293.732111][ T5827] hid-generic 0000:0003:0001.000F: hidraw0: <UNKNOWN> HID v0.03 Device [syz0] on syz1
[ 1293.934536][T19102] fido_id[19102]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1295.133199][   T27] audit: type=1326 audit(2000000056.690:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.3.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f055eb8efc9 code=0x7ffc0000
[ 1295.192227][   T27] audit: type=1326 audit(2000000056.690:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.3.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f055eb8efc9 code=0x7ffc0000
[ 1295.256564][   T27] audit: type=1326 audit(2000000056.730:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.3.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f055eb8efc9 code=0x7ffc0000
[ 1295.409518][   T27] audit: type=1326 audit(2000000056.730:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.3.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f055eb8efc9 code=0x7ffc0000
[ 1295.467958][   T27] audit: type=1326 audit(2000000056.730:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.3.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7f055eb8efc9 code=0x7ffc0000
[ 1295.490686][   T27] audit: type=1326 audit(2000000056.730:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19127 comm="syz.3.3772" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f055eb8efc9 code=0x7ffc0000
[ 1295.628757][   T27] audit: type=1326 audit(2000000057.190:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19141 comm="syz.0.3778" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f073d78efc9 code=0x0
[ 1295.892583][T19155] blktrace: Concurrent blktraces are not allowed on loop6
[ 1295.969300][T19158] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3783'.
[ 1295.994799][T19158] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3783'.
[ 1296.039256][T19158] bond0: entered promiscuous mode
[ 1296.066791][T19158] bond0: left promiscuous mode
[ 1296.651439][T19176] netlink: 'syz.4.3790': attribute type 3 has an invalid length.
[ 1300.271913][T19215] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3805'.
[ 1300.292779][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.299128][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 1302.783910][T18546] Bluetooth: hci0: unexpected event for opcode 0x040d
[ 1306.561603][T19302] overlayfs: failed to resolve './file1/file0': -2
[ 1308.185205][T19343] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1309.196764][T19350] overlayfs: failed to resolve './file1/file0': -2
[ 1310.032543][T18546] Bluetooth: hci1: Opcode 0x206a failed: -110
[ 1310.038872][T18546] Bluetooth: hci1: command 0x0406 tx timeout
[ 1311.194328][ T5827] libceph: connect (1)[c::]:6789 error -101
[ 1311.200976][ T5827] libceph: mon0 (1)[c::]:6789 connect error
[ 1311.247165][T19391] ceph: No mds server is up or the cluster is laggy
[ 1311.813753][T17873] hid-generic 0000:0003:0001.0010: unknown main item tag 0x0
[ 1311.851464][T17873] hid-generic 0000:0003:0001.0010: unknown main item tag 0x0
[ 1311.895296][T17873] hid-generic 0000:0003:0001.0010: hidraw0: <UNKNOWN> HID v0.03 Device [syz0] on syz1
[ 1312.074847][T19399] fido_id[19399]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1312.134000][T19401] netlink: 'syz.3.3869': attribute type 1 has an invalid length.
[ 1312.229144][T19405] bond2: (slave gretap1): making interface the new active one
[ 1312.287359][T19405] bond2: (slave gretap1): Enslaving as an active interface with an up link
[ 1312.313321][T19404] nbd12: detected capacity change from 0 to 127
[ 1312.322209][T18546] block nbd12: Wrong magic (0x989b4372)
[ 1312.342231][T19406] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3870'.
[ 1312.343508][T12107] block nbd12: Dead connection, failed to find a fallback
[ 1312.359194][T12107] block nbd12: shutting down sockets
[ 1312.364656][T12107] blk_print_req_error: 89 callbacks suppressed
[ 1312.364668][T12107] I/O error, dev nbd12, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1312.380084][T12107] buffer_io_error: 138 callbacks suppressed
[ 1312.380096][T12107] Buffer I/O error on dev nbd12, logical block 0, async page read
[ 1312.382019][T19406] block nbd0: reconnected socket
[ 1312.386822][T12107] Buffer I/O error on dev nbd12, logical block 1, async page read
[ 1312.407459][T12107] Buffer I/O error on dev nbd12, logical block 2, async page read
[ 1312.415597][T12107] Buffer I/O error on dev nbd12, logical block 3, async page read
[ 1312.424955][T12107] I/O error, dev nbd12, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1312.428980][T19398] overlayfs: failed to resolve './file1/file0': -2
[ 1312.434558][T12107] Buffer I/O error on dev nbd12, logical block 0, async page read
[ 1312.450105][T12107] Buffer I/O error on dev nbd12, logical block 1, async page read
[ 1312.458079][T12107] Buffer I/O error on dev nbd12, logical block 2, async page read
[ 1312.464274][T18546] block nbd0: Receive control failed (result -32)
[ 1312.466688][T12107] Buffer I/O error on dev nbd12, logical block 3, async page read
[ 1312.480458][T12107] I/O error, dev nbd12, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1312.490301][T12107] Buffer I/O error on dev nbd12, logical block 0, async page read
[ 1312.498280][T12107] Buffer I/O error on dev nbd12, logical block 1, async page read
[ 1312.506444][T12107] I/O error, dev nbd12, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1312.515979][T12107] I/O error, dev nbd12, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1312.525494][T12107] I/O error, dev nbd12, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1312.534900][T12107] I/O error, dev nbd12, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1312.544248][T12107] I/O error, dev nbd12, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1312.553844][T12107] I/O error, dev nbd12, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1312.565139][T12710] I/O error, dev nbd12, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1312.602823][T18678] ldm_validate_partition_table(): Disk read failed.
[ 1312.626087][T19401] vlan0: entered allmulticast mode
[ 1312.644681][T18678] Dev nbd12: unable to read RDB block 0
[ 1312.661907][T19401] bond2: entered allmulticast mode
[ 1312.684055][T19401] gretap1: entered allmulticast mode
[ 1312.693113][T18678]  nbd12: unable to read partition table
[ 1312.706844][T19401] bond2: (slave vlan0): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[ 1312.751611][T18678] ldm_validate_partition_table(): Disk read failed.
[ 1312.768230][T18678] Dev nbd12: unable to read RDB block 0
[ 1312.774050][T19414] capability: warning: `syz.0.3872' uses deprecated v2 capabilities in a way that may be insecure
[ 1312.956071][T18678]  nbd12: unable to read partition table
[ 1315.472779][T18546] Bluetooth: hci0: Opcode 0x206a failed: -110
[ 1315.478980][T18546] Bluetooth: hci0: command 0x206a tx timeout
[ 1316.095303][T19454] overlayfs: failed to resolve './file1/file0': -2
[ 1316.410175][T18546] Bluetooth: hci4: unexpected event for opcode 0x040d
[ 1317.425653][T19477] ceph: No mds server is up or the cluster is laggy
[ 1317.435784][ T5827] libceph: connect (1)[c::]:6789 error -101
[ 1317.507111][ T5827] libceph: mon0 (1)[c::]:6789 connect error
[ 1320.410439][ T5827] hid-generic 0000:0003:0001.0011: unknown main item tag 0x0
[ 1320.446335][ T5827] hid-generic 0000:0003:0001.0011: unknown main item tag 0x0
[ 1320.555915][ T5827] hid-generic 0000:0003:0001.0011: hidraw0: <UNKNOWN> HID v0.03 Device [syz0] on syz1
[ 1321.534021][T19521] fido_id[19521]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1322.022454][ T5998] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[ 1322.035866][T19525] overlayfs: failed to resolve './file1/file0': -2
[ 1322.222538][ T5998] usb 1-1: Using ep0 maxpacket: 8
[ 1322.234467][ T5998] usb 1-1: config 9 has an invalid interface number: 194 but max is 0
[ 1322.252422][ T5998] usb 1-1: config 9 has no interface number 0
[ 1322.265225][ T5998] usb 1-1: New USB device found, idVendor=10d2, idProduct=ee04, bcdDevice=ba.a2
[ 1322.282551][ T5998] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1322.302409][ T5998] usb 1-1: Product: syz
[ 1322.310197][ T5998] usb 1-1: Manufacturer: syz
[ 1322.322342][ T5998] usb 1-1: SerialNumber: syz
[ 1322.555196][ T5998] usblcd 1-1:9.194: USBLCD model not supported.
[ 1322.614516][ T5998] usb 1-1: USB disconnect, device number 44
[ 1325.159484][T19560] orangefs_mount: mount request failed with -4
[ 1327.164649][T19600] lo speed is unknown, defaulting to 1000
[ 1327.170499][T19600] lo speed is unknown, defaulting to 1000
[ 1327.183854][T19600] lo speed is unknown, defaulting to 1000
[ 1327.199353][T19600] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 1327.874104][T19600] lo speed is unknown, defaulting to 1000
[ 1327.906888][T19600] lo speed is unknown, defaulting to 1000
[ 1327.958084][T19600] lo speed is unknown, defaulting to 1000
[ 1327.989751][T19600] lo speed is unknown, defaulting to 1000
[ 1328.036209][T19600] lo speed is unknown, defaulting to 1000
[ 1328.204076][T19600] lo speed is unknown, defaulting to 1000
[ 1328.211312][T19600] lo speed is unknown, defaulting to 1000
[ 1328.480777][T19618] vcan0: tx drop: invalid sa for name 0x0000000000000001
[ 1331.792389][T19639] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[ 1333.116872][T19660] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3948'.
[ 1336.567883][T19707] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.3963'.
[ 1336.761197][T19703] orangefs_mount: mount request failed with -4
[ 1340.442635][T19758] netlink: 'syz.3.3981': attribute type 1 has an invalid length.
[ 1341.546510][T19760] orangefs_mount: mount request failed with -4
[ 1341.916194][T18546] block nbd13: Wrong magic (0x989b4372)
[ 1341.925765][T19780] nbd13: detected capacity change from 0 to 127
[ 1341.953012][T12710] block nbd13: Dead connection, failed to find a fallback
[ 1341.960256][T12710] block nbd13: shutting down sockets
[ 1341.965979][T12710] blk_print_req_error: 84 callbacks suppressed
[ 1341.965992][T12710] I/O error, dev nbd13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1341.982047][T12710] buffer_io_error: 138 callbacks suppressed
[ 1341.982059][T12710] Buffer I/O error on dev nbd13, logical block 0, async page read
[ 1341.997634][T12710] I/O error, dev nbd13, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[ 1341.998212][T19784] netlink: 48 bytes leftover after parsing attributes in process `syz.5.3990'.
[ 1342.007608][T12710] Buffer I/O error on dev nbd13, logical block 1, async page read
[ 1342.024589][T12710] Buffer I/O error on dev nbd13, logical block 2, async page read
[ 1342.033218][T12710] Buffer I/O error on dev nbd13, logical block 3, async page read
[ 1342.050951][T12107] I/O error, dev nbd13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1342.072476][T12107] Buffer I/O error on dev nbd13, logical block 0, async page read
[ 1342.080339][T12107] Buffer I/O error on dev nbd13, logical block 1, async page read
[ 1342.092894][T12107] Buffer I/O error on dev nbd13, logical block 2, async page read
[ 1342.100750][T12107] Buffer I/O error on dev nbd13, logical block 3, async page read
[ 1342.109201][T12107] I/O error, dev nbd13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1342.122355][T12107] Buffer I/O error on dev nbd13, logical block 0, async page read
[ 1342.130200][T12107] Buffer I/O error on dev nbd13, logical block 1, async page read
[ 1342.138694][T12107] I/O error, dev nbd13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1342.149192][T12107] I/O error, dev nbd13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[ 1342.159669][T12107] I/O error, dev nbd13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1342.169771][T12107] I/O error, dev nbd13, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[ 1342.179395][T12107] I/O error, dev nbd13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1342.189750][T12107] I/O error, dev nbd13, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1342.200398][T19677] ldm_validate_partition_table(): Disk read failed.
[ 1342.213256][T19677] Dev nbd13: unable to read RDB block 0
[ 1342.220603][T19677]  nbd13: unable to read partition table
[ 1342.234964][T19677] ldm_validate_partition_table(): Disk read failed.
[ 1342.251518][T19677] Dev nbd13: unable to read RDB block 0
[ 1342.259823][T19677]  nbd13: unable to read partition table
[ 1343.591884][T19803] orangefs_mount: mount request failed with -4
[ 1344.079537][T19825] netlink: 48 bytes leftover after parsing attributes in process `syz.3.4004'.
[ 1345.952456][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[ 1346.277488][T19837] orangefs_mount: mount request failed with -4
[ 1350.729691][T19881] orangefs_mount: mount request failed with -4
[ 1350.847639][T19889] netlink: 72 bytes leftover after parsing attributes in process `syz.4.4026'.
[ 1351.928022][T19899] overlayfs: failed to resolve './file1/file0': -2
[ 1353.993575][T19922] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4037'.
[ 1354.622562][T18546] Bluetooth: hci4: command 0x206a tx timeout
[ 1354.628665][   T51] Bluetooth: hci4: Opcode 0x206a failed: -110
[ 1357.551359][T19967] ceph: No mds server is up or the cluster is laggy
[ 1357.558679][ T5827] libceph: connect (1)[c::]:6789 error -101
[ 1357.565589][ T5827] libceph: mon0 (1)[c::]:6789 connect error
[ 1358.032409][   T51] Bluetooth: hci4: Opcode 0x206a failed: -110
[ 1358.039573][   T51] Bluetooth: hci4: command 0x206a tx timeout
[ 1358.347861][T19972] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[ 1358.350146][T19958] orangefs_mount: mount request failed with -4
[ 1358.399517][ T5827] libceph: connect (1)[c::]:6789 error -101
[ 1358.405777][ T5827] libceph: mon0 (1)[c::]:6789 connect error
[ 1361.048015][T20011] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4064'.
[ 1361.792791][T20015] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[ 1361.802936][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.891551][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.902850][T20020] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4065'.
[ 1364.864715][T20052] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[ 1365.394717][T20056] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4076'.
[ 1367.829437][   T51] Bluetooth: hci4: command 0x206a tx timeout
[ 1367.835714][T18546] Bluetooth: hci4: Opcode 0x206a failed: -110
[ 1367.963598][T20084] ceph: No mds server is up or the cluster is laggy
[ 1368.006111][ T5827] libceph: connect (1)[c::]:6789 error -101
[ 1368.245126][ T5827] libceph: mon0 (1)[c::]:6789 connect error
[ 1369.507367][T20109] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4093'.
[ 1370.129102][T20120] netlink: 72 bytes leftover after parsing attributes in process `syz.3.4099'.
[ 1371.482487][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[ 1371.488598][T18546] Bluetooth: hci1: Opcode 0x206a failed: -110
[ 1372.020121][T20137] overlayfs: failed to clone upperpath
[ 1372.228808][T20140] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4103'.
[ 1374.816692][T20154] orangefs_mount: mount request failed with -4
[ 1374.992967][T18546] Bluetooth: hci0: Opcode 0x206a failed: -110
[ 1374.999226][T18546] Bluetooth: hci0: command 0x206a tx timeout
[ 1377.013119][T20193] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4120'.
[ 1377.954690][T12107] block nbd0: Dead connection, failed to find a fallback
[ 1377.961885][T12107] block nbd0: shutting down sockets
[ 1377.968051][T12107] blk_print_req_error: 92 callbacks suppressed
[ 1377.968063][T12107] I/O error, dev nbd0, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1377.992707][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[ 1378.035107][T12107] I/O error, dev nbd0, sector 124 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1378.078595][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=62, location=62
[ 1378.539718][T12107] I/O error, dev nbd0, sector 122 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1378.550490][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=61, location=61
[ 1378.809444][T12710] I/O error, dev nbd0, sector 120 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1378.820381][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=60, location=60
[ 1378.830276][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[ 1378.841155][T20205] 
[ 1378.843502][T20205] ======================================================
[ 1378.850514][T20205] WARNING: possible circular locking dependency detected
[ 1378.857527][T20205] syzkaller #0 Not tainted
[ 1378.861920][T20205] ------------------------------------------------------
[ 1378.868918][T20205] syz.0.4125/20205 is trying to acquire lock:
[ 1378.874959][T20205] ffff888148d2e3b0 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: set_blocksize+0x201/0x4b0
[ 1378.884951][T20205] 
[ 1378.884951][T20205] but task is already holding lock:
[ 1378.892287][T20205] ffff88802c9980e0 (&type->s_umount_key#103){++++}-{3:3}, at: mount_bdev+0x1e8/0x2d0
[ 1378.901769][T20205] 
[ 1378.901769][T20205] which lock already depends on the new lock.
[ 1378.901769][T20205] 
[ 1378.912175][T20205] 
[ 1378.912175][T20205] the existing dependency chain (in reverse order) is:
[ 1378.921170][T20205] 
[ 1378.921170][T20205] -> #4 (&type->s_umount_key#103){++++}-{3:3}:
[ 1378.929492][T20205]        down_read+0x46/0x2e0
[ 1378.934257][T20205]        super_lock+0x167/0x360
[ 1378.939101][T20205]        fs_bdev_mark_dead+0xad/0x1f0
[ 1378.944452][T20205]        bdev_mark_dead+0x83/0x1a0
[ 1378.949544][T20205]        disk_force_media_change+0x132/0x1b0
[ 1378.955503][T20205]        nbd_ioctl+0x431/0xed0
[ 1378.960250][T20205]        blkdev_ioctl+0x58b/0x6f0
[ 1378.965260][T20205]        __se_sys_ioctl+0xfd/0x170
[ 1378.970352][T20205]        do_syscall_64+0x55/0xb0
[ 1378.975301][T20205]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1378.981755][T20205] 
[ 1378.981755][T20205] -> #3 (&bdev->bd_holder_lock){+.+.}-{3:3}:
[ 1378.989899][T20205]        __mutex_lock+0x129/0xcc0
[ 1378.994911][T20205]        bd_finish_claiming+0x22f/0x3f0
[ 1379.000438][T20205]        blkdev_get_by_dev+0x45c/0x600
[ 1379.005876][T20205]        bdev_open_by_dev+0x77/0x100
[ 1379.011142][T20205]        setup_bdev_super+0x59/0x660
[ 1379.016410][T20205]        mount_bdev+0x1dd/0x2d0
[ 1379.021244][T20205]        legacy_get_tree+0xea/0x180
[ 1379.026423][T20205]        vfs_get_tree+0x8c/0x280
[ 1379.031335][T20205]        do_new_mount+0x24b/0xa40
[ 1379.036349][T20205]        init_mount+0xd2/0x120
[ 1379.041100][T20205]        do_mount_root+0x97/0x230
[ 1379.046109][T20205]        mount_root_generic+0x195/0x3c0
[ 1379.051639][T20205]        prepare_namespace+0xc2/0x100
[ 1379.056997][T20205]        kernel_init_freeable+0x413/0x570
[ 1379.062703][T20205]        kernel_init+0x1d/0x1c0
[ 1379.067605][T20205]        ret_from_fork+0x48/0x80
[ 1379.072525][T20205]        ret_from_fork_asm+0x11/0x20
[ 1379.077792][T20205] 
[ 1379.077792][T20205] -> #2 (bdev_lock){+.+.}-{3:3}:
[ 1379.084888][T20205]        __mutex_lock+0x129/0xcc0
[ 1379.089897][T20205]        bd_prepare_to_claim+0x1ba/0x480
[ 1379.095506][T20205]        truncate_bdev_range+0x4e/0x260
[ 1379.101025][T20205]        blkdev_fallocate+0x428/0x6a0
[ 1379.106371][T20205]        vfs_fallocate+0x58e/0x700
[ 1379.111459][T20205]        do_madvise+0x15fe/0x3710
[ 1379.116465][T20205]        __x64_sys_madvise+0xa6/0xc0
[ 1379.121726][T20205]        do_syscall_64+0x55/0xb0
[ 1379.126647][T20205]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1379.133042][T20205] 
[ 1379.133042][T20205] -> #1 (mapping.invalidate_lock){++++}-{3:3}:
[ 1379.141356][T20205]        down_write+0x97/0x1f0
[ 1379.146106][T20205]        set_blocksize+0x249/0x4b0
[ 1379.151192][T20205]        sb_min_blocksize+0xbe/0x190
[ 1379.156457][T20205]        ext4_fill_super+0x6df/0x66c0
[ 1379.161807][T20205]        get_tree_bdev+0x3e4/0x510
[ 1379.166895][T20205]        vfs_get_tree+0x8c/0x280
[ 1379.171805][T20205]        do_new_mount+0x24b/0xa40
[ 1379.176802][T20205]        init_mount+0xd2/0x120
[ 1379.181543][T20205]        do_mount_root+0x97/0x230
[ 1379.186546][T20205]        mount_root_generic+0x195/0x3c0
[ 1379.192071][T20205]        prepare_namespace+0xc2/0x100
[ 1379.197441][T20205]        kernel_init_freeable+0x413/0x570
[ 1379.203140][T20205]        kernel_init+0x1d/0x1c0
[ 1379.207964][T20205]        ret_from_fork+0x48/0x80
[ 1379.212879][T20205]        ret_from_fork_asm+0x11/0x20
[ 1379.218143][T20205] 
[ 1379.218143][T20205] -> #0 (&sb->s_type->i_mutex_key#8){++++}-{3:3}:
[ 1379.226735][T20205]        __lock_acquire+0x2ddb/0x7c80
[ 1379.232101][T20205]        lock_acquire+0x197/0x410
[ 1379.237111][T20205]        down_write+0x97/0x1f0
[ 1379.241855][T20205]        set_blocksize+0x201/0x4b0
[ 1379.246945][T20205]        sb_set_blocksize+0x4a/0x100
[ 1379.252207][T20205]        udf_load_vrs+0xe3/0xf00
[ 1379.257119][T20205]        udf_fill_super+0x67d/0x1720
[ 1379.262382][T20205]        mount_bdev+0x22b/0x2d0
[ 1379.267208][T20205]        legacy_get_tree+0xea/0x180
[ 1379.272385][T20205]        vfs_get_tree+0x8c/0x280
[ 1379.277304][T20205]        do_new_mount+0x24b/0xa40
[ 1379.282312][T20205]        __se_sys_mount+0x2da/0x3c0
[ 1379.287495][T20205]        do_syscall_64+0x55/0xb0
[ 1379.292417][T20205]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1379.298805][T20205] 
[ 1379.298805][T20205] other info that might help us debug this:
[ 1379.298805][T20205] 
[ 1379.309009][T20205] Chain exists of:
[ 1379.309009][T20205]   &sb->s_type->i_mutex_key#8 --> &bdev->bd_holder_lock --> &type->s_umount_key#103
[ 1379.309009][T20205] 
[ 1379.324199][T20205]  Possible unsafe locking scenario:
[ 1379.324199][T20205] 
[ 1379.331630][T20205]        CPU0                    CPU1
[ 1379.336974][T20205]        ----                    ----
[ 1379.342320][T20205]   lock(&type->s_umount_key#103);
[ 1379.347432][T20205]                                lock(&bdev->bd_holder_lock);
[ 1379.354865][T20205]                                lock(&type->s_umount_key#103);
[ 1379.362476][T20205]   lock(&sb->s_type->i_mutex_key#8);
[ 1379.367831][T20205] 
[ 1379.367831][T20205]  *** DEADLOCK ***
[ 1379.367831][T20205] 
[ 1379.375949][T20205] 1 lock held by syz.0.4125/20205:
[ 1379.381032][T20205]  #0: ffff88802c9980e0 (&type->s_umount_key#103){++++}-{3:3}, at: mount_bdev+0x1e8/0x2d0
[ 1379.390923][T20205] 
[ 1379.390923][T20205] stack backtrace:
[ 1379.396801][T20205] CPU: 1 PID: 20205 Comm: syz.0.4125 Not tainted syzkaller #0
[ 1379.404232][T20205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1379.414270][T20205] Call Trace:
[ 1379.417537][T20205]  <TASK>
[ 1379.420452][T20205]  dump_stack_lvl+0x16c/0x230
[ 1379.425114][T20205]  ? load_image+0x3b0/0x3b0
[ 1379.429621][T20205]  ? show_regs_print_info+0x20/0x20
[ 1379.434818][T20205]  ? print_circular_bug+0x12b/0x1a0
[ 1379.439998][T20205]  check_noncircular+0x2bd/0x3c0
[ 1379.444923][T20205]  ? print_deadlock_bug+0x5d0/0x5d0
[ 1379.450096][T20205]  ? lockdep_lock+0xe0/0x220
[ 1379.454666][T20205]  ? _find_first_zero_bit+0xd3/0x100
[ 1379.459932][T20205]  __lock_acquire+0x2ddb/0x7c80
[ 1379.464764][T20205]  ? _printk+0xd0/0x110
[ 1379.468895][T20205]  ? verify_lock_unused+0x140/0x140
[ 1379.474070][T20205]  ? load_image+0x3b0/0x3b0
[ 1379.478552][T20205]  ? __lock_acquire+0x7c80/0x7c80
[ 1379.483553][T20205]  ? do_raw_spin_lock+0x121/0x2c0
[ 1379.488557][T20205]  lock_acquire+0x197/0x410
[ 1379.493039][T20205]  ? set_blocksize+0x201/0x4b0
[ 1379.497783][T20205]  ? __might_sleep+0xe0/0xe0
[ 1379.502355][T20205]  ? read_lock_is_recursive+0x20/0x20
[ 1379.507703][T20205]  ? udf_read_tagged+0x4b7/0xe00
[ 1379.512621][T20205]  down_write+0x97/0x1f0
[ 1379.516847][T20205]  ? set_blocksize+0x201/0x4b0
[ 1379.521587][T20205]  ? down_read_killable+0x340/0x340
[ 1379.526766][T20205]  ? udf_check_anchor_block+0x2f0/0x540
[ 1379.532307][T20205]  set_blocksize+0x201/0x4b0
[ 1379.536895][T20205]  sb_set_blocksize+0x4a/0x100
[ 1379.541636][T20205]  udf_load_vrs+0xe3/0xf00
[ 1379.546035][T20205]  ? udf_parse_options+0x1120/0x1120
[ 1379.551299][T20205]  ? udf_get_last_session+0x101/0x200
[ 1379.556665][T20205]  ? __raw_spin_lock_init+0x45/0x100
[ 1379.561931][T20205]  udf_fill_super+0x67d/0x1720
[ 1379.566675][T20205]  ? udf_mount+0x40/0x40
[ 1379.570894][T20205]  ? down_write+0x162/0x1f0
[ 1379.575383][T20205]  ? down_read_killable+0x340/0x340
[ 1379.580564][T20205]  ? setup_bdev_super+0x56b/0x660
[ 1379.585565][T20205]  mount_bdev+0x22b/0x2d0
[ 1379.589874][T20205]  ? udf_mount+0x40/0x40
[ 1379.594093][T20205]  ? get_tree_bdev+0x510/0x510
[ 1379.598830][T20205]  ? vfs_parse_fs_param+0x420/0x420
[ 1379.604008][T20205]  legacy_get_tree+0xea/0x180
[ 1379.608662][T20205]  ? lvid_get_unique_id+0x320/0x320
[ 1379.613838][T20205]  vfs_get_tree+0x8c/0x280
[ 1379.618232][T20205]  do_new_mount+0x24b/0xa40
[ 1379.622712][T20205]  __se_sys_mount+0x2da/0x3c0
[ 1379.627365][T20205]  ? __x64_sys_mount+0xc0/0xc0
[ 1379.632104][T20205]  ? lockdep_hardirqs_on+0x98/0x150
[ 1379.637287][T20205]  ? __x64_sys_mount+0x20/0xc0
[ 1379.642034][T20205]  do_syscall_64+0x55/0xb0
[ 1379.646457][T20205]  ? clear_bhb_loop+0x40/0x90
[ 1379.651113][T20205]  ? clear_bhb_loop+0x40/0x90
[ 1379.655768][T20205]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1379.661635][T20205] RIP: 0033:0x7f073d78efc9
[ 1379.666042][T20205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1379.685628][T20205] RSP: 002b:00007f073e6db038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1379.694018][T20205] RAX: ffffffffffffffda RBX: 00007f073d9e5fa0 RCX: 00007f073d78efc9
[ 1379.701966][T20205] RDX: 0000200000000080 RSI: 0000200000004a00 RDI: 0000200000000000
[ 1379.709916][T20205] RBP: 00007f073d811f91 R08: 0000000000000000 R09: 0000000000000000
[ 1379.717865][T20205] R10: 0000000002008087 R11: 0000000000000246 R12: 0000000000000000
[ 1379.725813][T20205] R13: 00007f073d9e6038 R14: 00007f073d9e5fa0 R15: 00007ffe902663f8
[ 1379.733770][T20205]  </TASK>
[ 1379.738926][   T51] Bluetooth: hci1: Opcode 0x206a failed: -110
[ 1379.739296][T12107] I/O error, dev nbd0, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1379.745121][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[ 1379.760753][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[ 1379.773381][T12710] I/O error, dev nbd0, sector 120 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1379.783733][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=30, location=30
[ 1379.857508][T16215] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[ 1379.865632][T20206] orangefs_mount: mount request failed with -4
[ 1379.897851][T12710] I/O error, dev nbd0, sector 116 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1379.907694][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=29, location=29
[ 1379.918186][T12710] I/O error, dev nbd0, sector 112 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1379.927537][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=28, location=28
[ 1379.936987][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[ 1379.951491][T12710] I/O error, dev nbd0, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1379.960927][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256
[ 1379.973436][T20217] netlink: 'syz.4.4129': attribute type 10 has an invalid length.
[ 1379.981478][T12710] I/O error, dev nbd0, sector 112 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1379.993772][T20217] dummy0: entered promiscuous mode
[ 1379.999328][T20217] team0: Port device dummy0 added
[ 1380.062735][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=14, location=14
[ 1380.072704][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=13, location=13
[ 1380.082134][T20217] netlink: 'syz.4.4129': attribute type 10 has an invalid length.
[ 1380.092748][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=12, location=12
[ 1380.103124][T20205] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512
[ 1380.104030][T20217] dummy0: left promiscuous mode
[ 1380.118474][T20217] team0: Port device dummy0 removed
[ 1380.125354][T20217] dummy0: entered promiscuous mode
[ 1380.130752][T20217] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1380.139421][T16215] usb 1-1: Using ep0 maxpacket: 16
[ 1380.140089][T20205] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1)
[ 1380.158714][T16215] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1380.180258][T16215] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1380.191389][T16215] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1380.204573][T16215] usb 1-1: New USB device found, idVendor=17ef, idProduct=6062, bcdDevice= 0.00
[ 1380.213697][T16215] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1380.229580][T16215] usb 1-1: config 0 descriptor??
[ 1380.668526][T16215] lenovo 0003:17EF:6062.0012: item fetching failed at offset 0/3
[ 1380.677260][T16215] lenovo 0003:17EF:6062.0012: hid_parse failed
[ 1380.683730][T16215] lenovo: probe of 0003:17EF:6062.0012 failed with error -22
[ 1380.885275][ T5792] usb 1-1: USB disconnect, device number 45