last executing test programs:

15m21.448299759s ago: executing program 32 (id=3862):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000700)=ANY=[@ANYRESHEX, @ANYBLOB="fa108210664bc6d46c6e8b2e0167100703fd69fb", @ANYRES32=r0, @ANYRES32=0x0, @ANYRESHEX=r0, @ANYBLOB="d115ab48a40c7ea89eab7a70f280b74aee3584d33ef8cde9d7dab3df2982f121a5111387fd311622dc9d4b35319084ae03f8576fb28104eb34d0c4fa5f05724a2e293d27a28585ca09b21cfe7b3d634507a07227c6f680acff31658a15691d38aad12a22262a4a488b66122205297d7798e1326ad5e29aa7c3b999e2f343e51f4891ebbeb1f3d79e8ca64a3fc40aa7680b4bda3abbdd736583a2bfddd25f0c581dc9093f1ea09a8365ade87a82e156b9bf900a07acdab59bd05ce13038273c6b69baadddaee2"], &(0x7f0000000000)='GPL\x00', 0x2, 0xb3, &(0x7f0000000140)=""/179, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x48e9, 0x0, 0x2, 0x0, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r3, &(0x7f0000000640)={0x28, 0x0, 0x2710, @local}, 0x10)
recvmmsg(r3, &(0x7f0000002b80)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000002c0)=""/80, 0x50}], 0x1}, 0x5}], 0x40000, 0x0, 0x0)
shutdown(r3, 0x0)

14m48.487904973s ago: executing program 33 (id=3948):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000), 0x101000, 0x800, 0x3, 0x1}, 0x20)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000100)=0x1000000, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_virt_wifi\x00', <r2=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
bind$xdp(r0, &(0x7f0000000240)={0x2c, 0x8, r2}, 0x10)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000140)=0x21, 0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r3}, 0x10)

13m28.626221785s ago: executing program 34 (id=4200):
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040)=0x3)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000440), 0x0, 0x0)
close(r2)

12m16.322139196s ago: executing program 3 (id=4433):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mlockall(0x2)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$rxrpc(0x21, 0x2, 0xa)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
setgroups(0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$rxrpc(r0, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd74)
r4 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x717e, 0x100, 0x14, 0x193}, &(0x7f0000000140)=<r5=>0x0, &(0x7f0000000180)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)

12m15.515831693s ago: executing program 3 (id=4438):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
syz_open_dev$cec(&(0x7f0000000200), 0x0, 0x82)
syz_open_procfs(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x40505330, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x800, 0x0, r1}, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, 0x0)
bind$tipc(r5, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r6 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x1}, 0x10)
sendmsg$tipc(r6, &(0x7f0000000540)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10, 0x0}, 0x10)

12m14.480968222s ago: executing program 3 (id=4443):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = memfd_create(&(0x7f0000000300)='+\x8b\x8a\x16\x11O\xdd\xdfk(F\x99\xdf\x92\xd5>oJ\x02u\x9b\xafa\xac\x06\x9c&\xf5\xe3j\xfa\tcqM\xb8R\x86\xd9\xd2.\x9f\x12\xed\x10\f\xbd\x1a|\x8a\xbb\xda\xcfY\x98gU@\xf2M\xc0\xb5\xdf\x9a\x8d\xdb,n\xae\x0eT\x80\x8c\xfd\xd7\xb0\x94\x82t\x96\rKx\xc5\x9b\x8c\x87\x96\x8bc\xbc\xee\xcc\x9f\xe3F\x99V4\x8e;M\xa9\x823\xe3\xb3mG\x8f\xdb\xed\x1b\x05\xec\xfc\xd1\xb5\xfd\xec@\xdeU\xdd\xa4\xc1\xe4L)\x8e\xe5\x91\x8e\xd4\x89\xef\x95T\x05G\xac\xb8\xc1: )mh\xc7\xf1?\xbb\x13;\xad\x95\xd70\xb6\x0e\x7f\x84r\x0e\xbf\xc5\xf6\xd4\xdd\t\x14\x18\xf7\xefi\x93\x03\xd2\xf2\bK\"\xd2\xb5\xaa\xb8\xc8\xe0\xac\x99\xe8su\xcd\xc3E\x12\xd7\xdd\x96!\x16Tu\xe3\xf0\x84#R\xd9\xe3~Wj\xb0r\x87\'\xea\a\xcfOeK\x9daW\xf4\x87@\x9c\xf3\xf1K\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x91\xe6\xdb\xc2\xa5h\'\xdfIn\x97\x0263~\xeb\xbe(i\n\xc2k4\x7f\x12\xa9e`SOs\x8c\xb4\xe7FeQ\xc6$\x92j_U\xfa\b\xea\xb0bYkW\xc0\x05\aC{\xcc\x03T\x17\xa5Sk\x87P\xc2\x97D\xb2\xfa\x1b\x9fe\xf4\x10\x1a\xad\x92\xce\x88\x1b\xbc\xe14\x19\xaa\xd3\r\xf4\xa2\xc3\x9e=\xa0 \xe6j\xe5\x85\xf8\x97\x03\x15\xaa\x920\xdcrI\xd8\b\xfb\xc7\xe7xX\x00>d\xbb\xa71\xad\x9a\xfb\xe6\x13\x87\x93\\\xe5W-\xfc\xfd\xb8O\xb9j\xb8\xf2\x9dx\xb2\x86\xad\x92', 0x3)
write$binfmt_elf64(r1, 0x0, 0x78)
add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000300)="359cb6", 0x3}], 0x2, &(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYRES32=0x0], 0x30}], 0x1, 0x0)
sendmmsg$inet(r3, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014)

12m13.494208636s ago: executing program 3 (id=4444):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0xf, 0x5, 0x8}}}}]}, 0x44}}, 0x20040084)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000940)=@delqdisc={0x24, 0x25, 0x1, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x1}, {0x0, 0xfff1}, {0xfff4, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20001005}, 0x20040080)

12m13.205082478s ago: executing program 0 (id=4445):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x4, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0xc820d100, 0x0, 0xffffffffffffffa0, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0xc}, @hci_rp_le_read_local_features={{0xf}, {0x7, "8534e80fa9079896"}}}}, 0xf)

12m13.122117401s ago: executing program 3 (id=4446):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)}], 0x1, 0x0, 0x0, 0x7400}, 0x20000080)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

12m12.990612067s ago: executing program 3 (id=4447):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, 0x2}, 0x94)
sched_setscheduler(0x0, 0x1, 0x0)
creat(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
syz_emit_ethernet(0x66, &(0x7f00000003c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x14}, @void, {@ipv4={0x88fb, @gre={{0x5, 0x4, 0x2, 0x1, 0x58, 0x66, 0x0, 0x8, 0x2f, 0x0, @multicast2, @initdev={0xac, 0x1e, 0x81, 0x0}}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}, {0x1}, {0x8, 0x88be, 0x3, {{0x5, 0x1, 0x6, 0x2, 0x1, 0x1, 0x6, 0x4}, 0x1, {0x500c}}}, {0x8, 0x22eb, 0x4, {{0xe, 0x2, 0xf8, 0x3, 0x1, 0x2, 0x4, 0xf9}, 0x2, {0x1, 0x9, 0x0, 0x3, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x3}}}}}}, 0x0)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
fchdir(r3)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

12m12.811555027s ago: executing program 0 (id=4448):
ptrace(0x10, 0x0)
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_inet6_tcp_SIOCATMARK(0xffffffffffffffff, 0x8905, &(0x7f00000000c0))
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000300)={0x0, <r1=>0x0})
ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f0000000340)=r1)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x20002, 0x0)
semget$private(0x0, 0x1, 0x398)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r2], 0x40}}, 0x0)
ioctl$PPPIOCSFLAGS1(r2, 0x40047459, &(0x7f0000000140))
r3 = io_uring_setup(0x3403, &(0x7f0000000240)={0x0, 0xfbe4, 0x400, 0x1, 0x3b2})
r4 = syz_io_uring_setup(0x8d5, &(0x7f0000000380)={0x0, 0xf478, 0x100, 0x3, 0x1c7, 0x0, r3}, &(0x7f0000000400)=<r5=>0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r6, &(0x7f00000001c0)={0xa, 0x4e21, 0x1, @remote, 0x4}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYRES32=r1], 0x1c}, 0x1, 0x0, 0x0, 0x20000811}, 0x4040)
sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000000800)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000440)={0x344, 0x14, 0x104, 0x70bd2b, 0x25dfdbff, {0x27, 0x1}, [@INET_DIAG_REQ_BYTECODE={0xf, 0x1, "077d69892458a03049e6c8"}, @INET_DIAG_REQ_BYTECODE={0xe8, 0x1, "c41675e885d50147c13a4ec5d900f230d1685b2a946d76514447fd3194c6c9dc24df7d0bac01d5bc085e13c762c28badabb364c6b818c6d50d4e169a6b7358f14dd73218620620e2067f7295a7f68f9ad022b9a410526a10f162c9aac7c39edcf95421477c48d04eb7bb1c8f96e25c251c4c35694c20ccc1bbfc3532af3bb146459f06d82cb17b6f1d2e6e78fd3b85f44f4591cffe9f72513bb2882ae89011358e720b5a4f844b027e6ae0fc33653734d7c6265fb7ce36fc179bbd2bdceaa31ea4028dbc670343ebebca33b6e020bd323260e46ab0dc8ed7c8e609ea93a7118cd5105c3e"}, @INET_DIAG_REQ_BYTECODE={0x101, 0x1, "79507c0a007151e144983aad95147e52b25eca392e6d2994e195d6903c85c8c5889f11f31147c2755d2f7d3229bd0a0110db44b6c29d15910c6a000a9d295a92c40b46af9a4f51fc194dbd4823a18d9db778ef9992198814f569a99cb51537de6ef9fc747127b735fc0522de98a10f070cd11eb19f21dc774360313ae440c45d493a3fb8bc0539067c58f969908d429e92305def32a8d8ebd84f4a048f3c43bf6d99cbb64752a51ea8df08e14a0f10c10aed69294b1d45c7cb161d976005d3fb4da7168f2f86a3adac32d50dc3ade7fa980cb32db796b57924bc2113ebf3be0b97cdd973b620b7b939629f93604dda3daefda1009d192a2dfd2bc34dbd"}, @INET_DIAG_REQ_BYTECODE={0x52, 0x1, "259c5653d51dbd3d0c69a9080f5cdf676025416c29892d904a078250b9e29856838775fd1bac4b945e28c19e91d00b484af35e446c441bd6f002654803239a57474dbdb2cdaa9a7a8c6fc1c17572"}, @INET_DIAG_REQ_BYTECODE={0xde, 0x1, "372cc779adaa0c01489c60fefba10f8211394e09d9e59bde5cb3484bd759353e2d1d81da23255adc5ecde6d111e1708937a2d8cea78c2987c18edd010895e0e4b6112959ce2598eb5666f5f2e89cde5b3cb1916710da9d8b5a59d80d24a7942ad8370ae628c4508f8356b2e3f9c41b3ffe6cdb6887a751689da5146bb46c28dbc4f4297ba55c7a68038a2eef0f53d4e3eae270ddeed4a6eff43d47098ab9fbc0be9165131a037d7c49b6ab3826f5ed5fbbfdfcca369ef98491a696a25f5a2ac95f2f6c41890ee814e90c90449f95fd07928940fbc6471e1d0ee4"}]}, 0x344}, 0x1, 0x0, 0x0, 0x40000004}, 0x10)
r7 = io_uring_setup(0xbbc, &(0x7f0000000280)={0x0, 0x0, 0x2, 0x0, 0x15a})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
io_uring_enter(r7, 0x100000, 0x2, 0xf, &(0x7f0000000000), 0x8)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
recvmsg(r9, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPSET_CMD_LIST(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001540)=ANY=[@ANYBLOB="1c0000000706010800000000000000000a0000040500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
io_uring_enter(r4, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)

12m11.832469695s ago: executing program 0 (id=4453):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = dup(0xffffffffffffffff)
write$6lowpan_enable(r0, &(0x7f0000000000)='0', 0xfffffd2c)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xa005, 0x10100}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}})
io_uring_enter(r1, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000440)={<r4=>0xffffffffffffffff})
readv(r4, &(0x7f0000002a40)=[{&(0x7f00000007c0)=""/4096, 0x1000}], 0x1)

12m9.639886003s ago: executing program 0 (id=4455):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x200}}, &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00', r0}, 0x18)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x114, 0x2e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x104, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@empty}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

12m9.417803375s ago: executing program 0 (id=4457):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)}], 0x1, 0x0, 0x0, 0x7400}, 0x20000080)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

12m9.353691356s ago: executing program 0 (id=4458):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket(0x1f, 0x3, 0x2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r0, 0x800442d4, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r4, 0x0, 0x0)
setsockopt$RXRPC_UPGRADEABLE_SERVICE(r0, 0x110, 0x5, 0x0, 0x0)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

12m3.85619886s ago: executing program 35 (id=4424):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r1, &(0x7f0000000300)="f7b920e49a48d1", 0x7)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=[0x1, 0x7], 0x0, 0x0, 0x2}}, 0x40)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

11m59.677124777s ago: executing program 36 (id=4435):
mkdir(0x0, 0x0)
rename(0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x7fff, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/80, &(0x7f0000000480)=""/70, 0x100000})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
r4 = getpgid(0xffffffffffffffff)
sched_rr_get_interval(r4, &(0x7f0000000180))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
mount$9p_virtio(0x0, 0x0, 0x0, 0x1000012, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})

11m57.602494605s ago: executing program 37 (id=4447):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, 0x2}, 0x94)
sched_setscheduler(0x0, 0x1, 0x0)
creat(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
syz_emit_ethernet(0x66, &(0x7f00000003c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x14}, @void, {@ipv4={0x88fb, @gre={{0x5, 0x4, 0x2, 0x1, 0x58, 0x66, 0x0, 0x8, 0x2f, 0x0, @multicast2, @initdev={0xac, 0x1e, 0x81, 0x0}}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x0, 0x1}, {0x1, 0x0, 0x0, 0x1}, {0x1}, {0x8, 0x88be, 0x3, {{0x5, 0x1, 0x6, 0x2, 0x1, 0x1, 0x6, 0x4}, 0x1, {0x500c}}}, {0x8, 0x22eb, 0x4, {{0xe, 0x2, 0xf8, 0x3, 0x1, 0x2, 0x4, 0xf9}, 0x2, {0x1, 0x9, 0x0, 0x3, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x3}}}}}}, 0x0)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
fchdir(r3)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

11m54.310927495s ago: executing program 38 (id=4458):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x5}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket(0x1f, 0x3, 0x2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r0, 0x800442d4, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r4, 0x0, 0x0)
setsockopt$RXRPC_UPGRADEABLE_SERVICE(r0, 0x110, 0x5, 0x0, 0x0)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

11m36.562537214s ago: executing program 5 (id=4502):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r0)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80000}, 0x10000000)

11m36.371883609s ago: executing program 5 (id=4503):
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x3d, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0xf9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140)=0xff)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)=0x28)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000100)=0x7)

11m36.296515621s ago: executing program 5 (id=4504):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=@newtfilter={0x5c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xe, 0x7}, {0x0, 0xfff1}, {0x1001d, 0xfff1}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_IPV6_SRC_MASK={0x14, 0xf, [0xffffffff, 0xffffffff, 0xff000000]}, @TCA_FLOWER_KEY_IPV6_SRC={0x14, 0xe, @mcast2}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x0)

11m35.984963388s ago: executing program 5 (id=4505):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@noblock_validity}]}, 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3M1rVFcbAPDn3nwYNb6JL/LyWkoNtGChOBrFSl2py9ZFof0DDHEiIdcPkhRMcBHbhXRVC910UWgXpX9AoetstNBV6aaVFrqXShHdp9zJnWQwM0mqMx4/fj84c8/HZM7z5JK555C5E8BLa6x8yCP2R8S5LGKk6s8jYrBRG4pYWn3eg/vXJh/evzaZxcrKB39nkVV9zdfKquPuqjEUEb+cyeK/n2ycd25hcWaiKOqzVfvw/MUrh+cWFg9NX5y4UL9QvzR+YvzY8RPHjr99pGu5vrv35tmvxk/t+f7Mrauv3fj9yyxOxXA11ppHt4zFWKxUWvv7I2Ki25Ml0lflk7X0Zf0JAwIAYFN5yxrufzESfbG+eBuJW78mDQ4AAADoipW+WPsfFQAAAPCiyuz/AQAA4AXX/BzAg/vXJpsl7ScSnq57pyNitF3+/bHUOA7FQETsepBF622t2eqPPbGxiNj30+iPZYke3Ye8maXrEfH/dvlnjfxHG3dxb8w/j4hu3Jk99kj7ecr/VBfmT50/AC+n5dOrF7KN1798bf0Tba5//W2uXY8j9fWv8/pvPf++Duu/97c5R/3Ap593Gmtd/xXfvnq7nL88PlFS/8K96xGv9Hde/5T5Zx3yP7fNOQb++PmHTmNl/mW+zfK081/5JuJg2/3P+jfaZJt/P9HhqemiXj22nePG7e/2dZq/9fyXpZy/uRd4Gsrzv6tD/lud/yvbnGP5r4N/dhrbOv/87mD2YaM2WPVcnZifnx2PGMzObuw/unkszec0X6PM/83XN//7b5d/+Z6wVP0eyr3A9epYtj9+ZM5D773zxuPn31tl/ucf8/zf3OYcX382e7fTWOr8AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+5BExHFleW6vnea0WsTsi9sWuvLg8N//W1OWPLp0vxyJGYyCfmi7qRyJiZLWdle3xRn29ffSR9rGI2BsRX4zsbLRrk5eL86mTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM3uiBiOLK9FRB4RD0fyvFZLHRUAAADQdaOpAwAAAAB6zv4fAAAAXnz2/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTY3gPLd7KIWDq5s1FKg9XYQNLIgF7LUwcAJNOXOgAgmf7UAQDJ2OMD2RbjQx1HdnQ9FgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeXQf3L9/JImLp5M5GKQ1WYwNJIwN6LU8dAJBMX+oAgGT6UwcAJGOPD2RbjA91HNnR9VgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHYNN0qW1yIib9TzvFaL2BMRozGQTU0X9SMR8Z+I+G1kYEfZHk8dNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF03t7A4M1EU9VkVFRWVtUrqdyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFKYW1icmSiK+uxc6kgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA1OYWFmcmiqI+28NK6hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEjnnwAAAP///JMJmQ==")
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x104000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1805406, 0x0)
mount$fuse(0x0, &(0x7f00000005c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$9p_unix(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x12d7498, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x2a05004, 0x0)
umount2(&(0x7f0000000180)='./file0/file0\x00', 0x0)

11m35.751722835s ago: executing program 5 (id=4506):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000000)={0x401, 0x3ff, 0xfffffffb, 0x8001, 0x1a, "08400000c38eaad6a4540ad9455fb5031af800"})
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'rose0\x00', 0x112})
socket$xdp(0x2c, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
socket$inet6_tcp(0xa, 0x1, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x390000, 0x1000001000, 0x4d}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0x9)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000480)={0x8, 0x3, 0x0, 0x10000, 0x1a, "4415264a88b82c521113fb235902af2556c6b6"})

11m34.593998995s ago: executing program 5 (id=4507):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fsopen(&(0x7f00000002c0)='pstore\x00', 0x1)

11m34.081672471s ago: executing program 39 (id=4507):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
fsopen(&(0x7f00000002c0)='pstore\x00', 0x1)

11m0.845184969s ago: executing program 2 (id=4640):
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x24}}, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x37})

11m0.602559296s ago: executing program 2 (id=4643):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=@newtfilter={0x5c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0xe, 0x7}, {0x0, 0xfff1}, {0x1001d, 0xfff1}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_IPV6_SRC_MASK={0x14, 0xf, [0xffffffff, 0xffffffff, 0xff000000]}, @TCA_FLOWER_KEY_IPV6_SRC={0x14, 0xe, @mcast2}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x0)

11m0.194301474s ago: executing program 2 (id=4646):
r0 = syz_open_dev$vim2m(0x0, 0x10002, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000080)=0x2)
ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000380)=@mmap={0x401, 0x2, 0x4, 0x4, 0x4, {0x77359400}, {0x3, 0x2, 0xf, 0x6, 0x3, 0x1, "a91b63d9"}, 0x2, 0x1, {}, 0x101})
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000240)={0xf0f046, 0x100000})

10m58.98500813s ago: executing program 2 (id=4649):
syz_open_dev$tty1(0xc, 0x4, 0x3)
r0 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00')
lseek(r0, 0x3, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)})
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f00000002c0)={<r1=>0xffffffffffffffff})
getsockopt$inet6_buf(r0, 0x29, 0x14, &(0x7f0000000440)=""/156, &(0x7f0000000180)=0x9c)
splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0)
syz_pidfd_open(0x0, 0x0)
prlimit64(0x0, 0xc, &(0x7f0000000100)={0x40000000000000, 0x8}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
signalfd(0xffffffffffffffff, 0x0, 0x0)
setpgid(0x0, r2)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, &(0x7f0000000480)=ANY=[])
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$AUTOFS_IOC_READY(r3, 0x9360, 0x800000000000001)

10m58.726060587s ago: executing program 2 (id=4652):
linkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x1000)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x20400, 0x20)
fdatasync(r0)

10m58.280784819s ago: executing program 2 (id=4656):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xc}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x20000804)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000780)=@newtfilter={0x4c, 0x2c, 0xd3f, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xfff3, 0x10}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}, @TCA_BPF_CLASSID={0x8, 0x3, {0x10}}]}}]}, 0x4c}}, 0x20004804)

10m57.306057236s ago: executing program 40 (id=4656):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xc}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x20000804)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000780)=@newtfilter={0x4c, 0x2c, 0xd3f, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xfff3, 0x10}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}, @TCA_BPF_CLASSID={0x8, 0x3, {0x10}}]}}]}, 0x4c}}, 0x20004804)

10m5.618285621s ago: executing program 1 (id=4891):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@bridge_newvlan={0x28, 0x70, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@BRIDGE_VLANDB_ENTRY={0x10, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_TUNNEL_INFO={0x4, 0x4, 0x0, 0x1, @BRIDGE_VLANDB_TINFO_ID={0x8, 0x1, 0x34000}}}]}, 0x28}}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

10m5.385430792s ago: executing program 1 (id=4893):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_REMOVE(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4048001}, 0x50)
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r2}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
dup(r3)
r4 = openat$full(0xffffffffffffff9c, &(0x7f00000012c0), 0x0, 0x0)
read$alg(r4, &(0x7f0000000240)=""/4096, 0xfffffdef)

10m4.013769156s ago: executing program 1 (id=4898):
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x80)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})
linkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x1000)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x20400, 0x20)
fdatasync(r0)

10m3.832060159s ago: executing program 1 (id=4900):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000180)={0xc})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, 0x0)
ioctl$IOMMU_GET_HW_INFO(r0, 0x3b8a, &(0x7f00000000c0)={0x28, 0x0, 0x0, 0x0, 0xffffffffffffffff})

10m3.666803765s ago: executing program 1 (id=4902):
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_ENCODER_CMD(r0, 0xc028564d, &(0x7f0000000100)={0x3, 0x0, [0x9, 0x6, 0x2, 0xc, 0xd9a, 0x34e1, 0xfffffff7, 0x8]})

10m3.419059244s ago: executing program 1 (id=4906):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000200)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x200013, 0x0)

9m47.966070019s ago: executing program 41 (id=4906):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000200)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x200013, 0x0)

29.656062702s ago: executing program 6 (id=6853):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00', r0}, 0x18)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8040, 0x0, 0x0)

28.507610847s ago: executing program 6 (id=6857):
ioctl$CEC_TRANSMIT(0xffffffffffffffff, 0xc0386105, &(0x7f0000000080)={0x10000, 0x0, 0x1, 0x10001, 0x2, 0x700, "c46519af4b2e657e8e659f0da5a552b7", 0x6, 0x6, 0xb, 0xc, 0x0, 0x9, 0x8})
openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
mq_open(0x0, 0x42, 0x0, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x0)

26.359965154s ago: executing program 4 (id=6865):
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000006c0)=""/236, &(0x7f0000000540)=0xec)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x8000)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

25.924903478s ago: executing program 4 (id=6868):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6)
r1 = syz_io_uring_setup(0x18d6, &(0x7f0000000440)={0x0, 0x5352, 0x0, 0x2000, 0xfffffffc}, &(0x7f0000ffe000), &(0x7f00000004c0))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x2, &(0x7f0000000180), 0xfe)

25.568232991s ago: executing program 4 (id=6869):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0x3}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB])
mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, 0x0)
r5 = fsopen(&(0x7f0000000040)='tracefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x8, 0x0, 0x0, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000004c0)=@multiplanar_userptr={0x4, 0x3, 0x4, 0xa018, 0x0, {}, {0x2, 0xc, 0x7, 0x3, 0x9, 0x1b, "3cdab13e"}, 0x6, 0x2, {&(0x7f0000000440)=[{0xc, 0x8001, {&(0x7f00000001c0)}, 0x60}, {0x3, 0x5, {0x0}, 0x100}]}, 0x3, 0x0, r0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x3, 0x0)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f0000000040)={{}, 0x8, 0x5, 0xedd1})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1e00000081000000100000000000000041040600", @ANYRES32=r0, @ANYBLOB="f4a400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000200000000000000080000eaffff000000000000000000"], 0x50)
syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000480)='./file0\x00', 0x2018008, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="2f93edc77863113d68e33456dfe3c025878b46bc73df14f991a8f7a341a10f44c05fc1c37ad73b0239a18733e7436f3b54758b4ce59af971d50e53c14277216c0bba6ad052fa7a6d77f0b19c8b2381abc46dfa7e4bc6c37bbab3f908f48d1a6055a6457c5d503502300a69dc517cc08b955df0d19ae4c120c512eceffbf3fc154e4ba08f2497b14e95cfdef1c26e8623eab9941404ca9d84df9a2c44e453a0cfffbf23e5bf1e872ee040a582eda3d84714e82dde4c02836e5f66775f4df1bdcfbc28eb5ced2b332944d3ab2b9efe3cbb2111fe"], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
keyctl$dh_compute(0x17, &(0x7f0000000100), 0x0, 0x0, &(0x7f0000000180)={0x0})
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r7, @ANYRESHEX=r8], 0x4c}, 0x1, 0x0, 0x0, 0x810}, 0x40000)
sendmmsg(r7, 0x0, 0x0, 0xfc)
syz_open_dev$loop(&(0x7f0000000140), 0x9, 0x40000)

23.957723807s ago: executing program 4 (id=6872):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0xa4, 0x24, 0xf0b, 0x70bd2b, 0xfff1, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x2, 0x6}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0xfe4b, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x2}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x2, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}]}}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20040004}, 0x0)

23.343641285s ago: executing program 6 (id=6876):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x80000003)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), r2)
sched_setaffinity(0x0, 0x0, 0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)={0x5c, r3, 0x917, 0x0, 0x1000000, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @remote}}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x4}]}, 0x5c}}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x5000, 0x1, @remote, 0x5}, 0x1c)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=',', 0x1}], 0x1)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000040)={'ip6_vti0\x00', &(0x7f0000000200)={'syztnl2\x00', 0x0, 0x2f, 0x3, 0x0, 0x8, 0x42, @mcast2, @local, 0x40, 0x700, 0x6, 0x7}})
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b0000000000000000000000ffffff7f00000000", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB="030000d658000200000005000000000000000000000400000000000000005aa8fe6e2d284c0e74b987fd1a6c1da70ce78806c25b68c2b544f2f249d16099cddb1d38e8f125bb8dbd123b39c569367ae8b5abcd4381fade3c106c8fc6467db13da0b6ac3267c8b1ef92e5213083564c959a6a5f004d7bba65fa647b9b59efb668975c76e784672eac73ede293"], 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000400)={<r7=>r0, 0x0, 0x2c99, 0x8000000000000001})
r8 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00', 0x0, 0x10}, 0x18)
r9 = socket(0x28, 0x801, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x8c, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r9}})
ioctl$NS_GET_USERNS(0xffffffffffffffff, 0xb701, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x10, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000001000000000000000000000071122f000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5b471ae2}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x0, 0x12, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x800}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@alu={0x7, 0x0, 0x2, 0x0, 0x2, 0xc, 0x10}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000180)='syzkaller\x00', 0x1c0000, 0x79, &(0x7f0000000300)=""/121, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x9, 0x2}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0x10, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x8, &(0x7f00000004c0)=[r6, r7, r8, r10], &(0x7f0000000500)=[{0x3, 0x3, 0x9, 0x8}, {0x2, 0x1, 0xf, 0x3}, {0x1, 0x3, 0x6, 0x3}, {0x1, 0x5, 0x6, 0xc}, {0x5, 0x2, 0xf}, {0x2, 0x1, 0x5, 0x9}, {0x4, 0x2, 0xa, 0xa}, {0x5, 0x3, 0x3}], 0x10, 0x80000000}, 0x94)

23.255896705s ago: executing program 9 (id=6877):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, &(0x7f0000000000)=0x1)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_clone(0x84800000, 0x0, 0x0, 0x0, 0x0, 0x0)

23.183057134s ago: executing program 6 (id=6879):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x9c, 0x4, 0x0, 0x0, 0x0, 0x9})
r0 = socket$netlink(0x10, 0x3, 0x15)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000fe42008a18eb3e691244050a94605d0b461d66e2ff0ab0220d7f47f64e6694aee5b72054f7897c116ea005c3d5c57b6f3620feca0eb9c093415f0b5dd7992ea644b72a2d6338075b36d54308aa2132d68e81e56c4b6f815f956d91fe229ee1d18117d8d42953f29c7cf16f740ad40af61420ede1c40730076207ca90296089d74caf867b8ecdba4feb1884f04a0d28be5781371d3fd7a1a412485831cbcaa5862e6cea8e36bb5e28f0b5c2ed9b907b61d0"], &(0x7f0000000300)='syzkaller\x00'}, 0x94)
r2 = openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x88081)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000380)=0xd)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
read$eventfd(r4, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a45320, &(0x7f0000000240)={{0x80, 0xf7}, 'port1\x00', 0x3ee, 0x2062f, 0x3, 0x100, 0x0, 0xc, 0x3fc, 0x0, 0x7, 0xfd})
close_range(r1, 0xffffffffffffffff, 0x10000000000000)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x492f82, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
openat$tun(0xffffffffffffff9c, &(0x7f0000001800), 0xc0241, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000240)={r7}, 0xc)
r8 = openat$ppp(0xffffff9c, &(0x7f0000000140), 0x800, 0x0)
ioctl$PPPIOCCONNECT(r8, 0x4004743a, &(0x7f0000000180)=0x1)
sendmsg$NFT_BATCH(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}, 0x1, 0x0, 0x0, 0x44}, 0x0)
timer_create(0xb, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

23.131082973s ago: executing program 9 (id=6880):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(0xffffffffffffffff, 0x80045700, 0x0)
r0 = socket(0x2a, 0x2, 0x0)
r1 = syz_io_uring_setup(0x837, &(0x7f0000000180)={0x0, 0x2b94, 0x80, 0x4, 0x3cf}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="05000000810000"], 0x48)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r0, 0x0, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x61709000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

22.773492548s ago: executing program 4 (id=6883):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0x3}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB])
chdir(&(0x7f0000000080)='./file1\x00')
r5 = fsopen(&(0x7f0000000040)='tracefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x8, 0x0, 0x0, 0x0)
ioctl$VIDIOC_PREPARE_BUF(0xffffffffffffffff, 0xc058565d, &(0x7f00000004c0)=@multiplanar_userptr={0x4, 0x3, 0x4, 0xa018, 0x0, {}, {0x2, 0xc, 0x7, 0x3, 0x9, 0x1b, "3cdab13e"}, 0x6, 0x2, {&(0x7f0000000440)=[{0xc, 0x8001, {&(0x7f00000001c0)}, 0x60}, {0x3, 0x5, {0x0}, 0x100}]}, 0x3, 0x0, r0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x3, 0x0)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f0000000040)={{}, 0x8, 0x5, 0xedd1})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1e00000081000000100000000000000041040600", @ANYRES32=r0, @ANYBLOB="f4a400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000200000000000000080000eaffff000000000000000000"], 0x50)
syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000480)='./file0\x00', 0x2018008, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="2f93edc77863113d68e33456dfe3c025878b46bc73df14f991a8f7a341a10f44c05fc1c37ad73b0239a18733e7436f3b54758b4ce59af971d50e53c14277216c0bba6ad052fa7a6d77f0b19c8b2381abc46dfa7e4bc6c37bbab3f908f48d1a6055a6457c5d503502300a69dc517cc08b955df0d19ae4c120c512eceffbf3fc154e4ba08f2497b14e95cfdef1c26e8623eab9941404ca9d84df9a2c44e453a0cfffbf23e5bf1e872ee040a582eda3d84714e82dde4c02836e5f66775f4df1bdcfbc28eb5ced2b332944d3ab2b9efe3cbb2111fe"], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
keyctl$dh_compute(0x17, &(0x7f0000000100), 0x0, 0x0, &(0x7f0000000180)={0x0})
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r7, @ANYRESHEX=r8], 0x4c}, 0x1, 0x0, 0x0, 0x810}, 0x40000)
sendmmsg(r7, 0x0, 0x0, 0xfc)
syz_open_dev$loop(&(0x7f0000000140), 0x9, 0x40000)

22.503685633s ago: executing program 6 (id=6884):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
socket$nl_audit(0x10, 0x3, 0x9)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0))
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x6, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x0, 0x7, 0x0, &(0x7f0000000540)="64b61d9b104c99", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
r7 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r7, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)=[{0x0}, {&(0x7f0000000040)="a3d7f3e8a9cf9e3887a6f6eca30e90d85fcfa281378973ab916b0e1d03bd28bca55c552da8cfecb0fbccbfb18ef20fe9541e0e1e8fa214cb6bb0455c2386f5ebb4730be449beb72f481c1429d6eb835b76fd1fdcacd50b884c98caa871ec4e225b6036b6ad2638ab5b06828c10fc355b170075f37b748b8f466fe29f40ec981d1431132bca9884654780b3205ed61f49c3b3b6229593e61d13a8505de19a8a0f502d4f3148f9450ed35ef5950bb7fefcf299beed14", 0xb5}], 0x2}, 0x0)
flock(r4, 0x8)

22.48841399s ago: executing program 8 (id=6885):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000080)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000000c40), 0x12)
r5 = openat$cgroup_type(r2, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_type(r5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r1}, 0x18)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400), 0x0, 0x0, 0x0})
r8 = dup3(r7, r6, 0x0)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r9, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r9, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, 0x0)
r10 = getpid()
syz_pidfd_open(r10, 0x0)
capget(&(0x7f0000000140)={0x20080522, r10}, &(0x7f0000000180)={0x2800000, 0x4, 0xfffffff8, 0x401, 0xffff8000, 0x7})
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@mpls_delroute={0x30, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_VIA={0x14, 0x12, {0x2, "65cb0629f5a3e37d035000ed1ea2"}}]}, 0x30}}, 0x0)

21.997313188s ago: executing program 8 (id=6886):
r0 = socket$inet(0x2, 0x2, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000580)={0x40, r2, 0x1, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_MESH_SETUP={0xc, 0x70, [@NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC={0x5}]}, @NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x20040824)

21.385370389s ago: executing program 4 (id=6887):
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_open_procfs(0x0, &(0x7f0000000200)='environ\x00')
socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
bind$netlink(r2, &(0x7f0000000140)={0x10, 0x0, 0x25dfdbfc, 0x4000}, 0xc)
r3 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r3, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
sendto$inet6(r3, &(0x7f00000000c0)="9d", 0x1, 0x20000854, &(0x7f0000000240)={0xa, 0x4e22, 0x65f, @dev={0xfe, 0x80, '\x00', 0x20}, 0x6}, 0x1c)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080), 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0x143b02)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000001100000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x3a)
syz_open_dev$ndb(0x0, 0x0, 0x101000)

21.374954512s ago: executing program 6 (id=6888):
ioctl$CEC_TRANSMIT(0xffffffffffffffff, 0xc0386105, &(0x7f0000000080)={0x10000, 0x0, 0x1, 0x10001, 0x2, 0x700, "c46519af4b2e657e8e659f0da5a552b7", 0x6, 0x6, 0xb, 0xc, 0x0, 0x9, 0x8})
openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
mq_open(0x0, 0x42, 0x0, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x0)

21.183757692s ago: executing program 8 (id=6889):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
r0 = socket$inet6(0xa, 0x1, 0x80000003)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), r2)
sched_setaffinity(0x0, 0x0, 0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)={0x5c, r3, 0x917, 0x0, 0x1000000, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @remote}}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x4}]}, 0x5c}}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x5000, 0x1, @remote, 0x5}, 0x1c)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100)=',', 0x1}], 0x1)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000040)={'ip6_vti0\x00', &(0x7f0000000200)={'syztnl2\x00', 0x0, 0x2f, 0x3, 0x0, 0x8, 0x42, @mcast2, @local, 0x40, 0x700, 0x6, 0x7}})
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b0000000000000000000000ffffff7f00000000", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB="030000d658000200000005000000000000000000000400000000000000005aa8fe6e2d284c0e74b987fd1a6c1da70ce78806c25b68c2b544f2f249d16099cddb1d38e8f125bb8dbd123b39c569367ae8b5abcd4381fade3c106c8fc6467db13da0b6ac3267c8b1ef92e5213083564c959a6a5f004d7bba65fa647b9b59efb668975c76e784672eac73ede293"], 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000400)={<r7=>r0, 0x0, 0x2c99, 0x8000000000000001})
r8 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000480)=@generic={&(0x7f0000000440)='./file0\x00', 0x0, 0x10}, 0x18)
r9 = socket(0x28, 0x801, 0x0)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x8c, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r9}})
ioctl$NS_GET_USERNS(0xffffffffffffffff, 0xb701, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x10, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000001000000000000000000000071122f000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5b471ae2}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x0, 0x12, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x800}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@alu={0x7, 0x0, 0x2, 0x0, 0x2, 0xc, 0x10}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x1}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000180)='syzkaller\x00', 0x1c0000, 0x79, &(0x7f0000000300)=""/121, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x9, 0x2}, 0x8, 0x10, &(0x7f00000003c0)={0x3, 0x10, 0x0, 0x3}, 0x10, 0x0, 0x0, 0x8, &(0x7f00000004c0)=[r6, r7, r8, r10], &(0x7f0000000500)=[{0x3, 0x3, 0x9, 0x8}, {0x2, 0x1, 0xf, 0x3}, {0x1, 0x3, 0x6, 0x3}, {0x1, 0x5, 0x6, 0xc}, {0x5, 0x2, 0xf}, {0x2, 0x1, 0x5, 0x9}, {0x4, 0x2, 0xa, 0xa}, {0x5, 0x3, 0x3}], 0x10, 0x80000000}, 0x94)

20.965294236s ago: executing program 8 (id=6891):
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000006c0)=""/236, &(0x7f0000000540)=0xec)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4881}, 0x8000)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

20.492380124s ago: executing program 8 (id=6894):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x9c, 0x4, 0x0, 0x0, 0x0, 0x9})
r0 = socket$netlink(0x10, 0x3, 0x15)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000fe42008a18eb3e691244050a94605d0b461d66e2ff0ab0220d7f47f64e6694aee5b72054f7897c116ea005c3d5c57b6f3620feca0eb9c093415f0b5dd7992ea644b72a2d6338075b36d54308aa2132d68e81e56c4b6f815f956d91fe229ee1d18117d8d42953f29c7cf16f740ad40af61420ede1c40730076207ca90296089d74caf867b8ecdba4feb1884f04a0d28be5781371d3fd7a1a412485831cbcaa5862e6cea8e36bb5e28f0b5c2ed9b907b61d01b10cb"], &(0x7f0000000300)='syzkaller\x00'}, 0x94)
r2 = openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x88081)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000380)=0xd)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
read$eventfd(r4, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a45320, &(0x7f0000000240)={{0x80, 0xf7}, 'port1\x00', 0x3ee, 0x2062f, 0x3, 0x100, 0x0, 0xc, 0x3fc, 0x0, 0x7, 0xfd})
close_range(r1, 0xffffffffffffffff, 0x10000000000000)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x492f82, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
openat$tun(0xffffffffffffff9c, &(0x7f0000001800), 0xc0241, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000240)={r7}, 0xc)
r8 = openat$ppp(0xffffff9c, &(0x7f0000000140), 0x800, 0x0)
ioctl$PPPIOCCONNECT(r8, 0x4004743a, &(0x7f0000000180)=0x1)
sendmsg$NFT_BATCH(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}, 0x1, 0x0, 0x0, 0x44}, 0x0)
timer_create(0xb, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

20.010687557s ago: executing program 9 (id=6895):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
r2 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r3, 0x0)
mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RVERSION(r2, &(0x7f0000000c40)=ANY=[], 0x13)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={0x0, &(0x7f0000000300)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
mmap$xdp(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x9, 0x11, r0, 0x80000000)

19.80375808s ago: executing program 8 (id=6896):
socket$can_bcm(0x1d, 0x2, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e20, @remote}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
socket$key(0xf, 0x3, 0x2)
syz_open_dev$sndctrl(0x0, 0x2, 0xe8e80)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x28, 0x0, @fd_index=0x1, 0xfffffffffffffffc, 0x0, 0x0, 0x22})
syz_emit_ethernet(0x2a, &(0x7f0000000280)=ANY=[@ANYBLOB="9b4307000001aaaaaaaaaa000800bc41d14286078bff0001907800000000ffffffffe0009078fffd000062"], 0x0)
io_uring_enter(0xffffffffffffffff, 0x48e9, 0x0, 0x6, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000480)={0xa, 0xfffc, 0x3, @empty, 0x5}, 0x1c)
ioctl$TIOCGPKT(0xffffffffffffffff, 0x80045438, &(0x7f0000000340))
r3 = socket(0x2b, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x8000000, 0x0, 0x0, 0x6, 0x0, 0x6e}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000000, 0x1, 0xff, 0x0, 0x4}, 0x20)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000008380), 0x400000000000174, 0x4008890)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0})
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)

19.74868164s ago: executing program 9 (id=6897):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x149800, 0x0)
r0 = syz_io_uring_setup(0x88d, &(0x7f0000000140)={0x0, 0x84c0, 0x0, 0xffffffff, 0x121}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000003c0))
r2 = syz_open_procfs(0x0, &(0x7f0000001840)='environ\x00')
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
getresuid(&(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280), &(0x7f0000000300))
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=@newsa={0x11c, 0x10, 0x20, 0x70bd28, 0x25dfdbff, {{@in=@broadcast, @in=@dev={0xac, 0x14, 0x14, 0x3a}, 0x4e21, 0x5c4, 0x4e23, 0xb81, 0xa, 0x20, 0xa0, 0x8, 0x0, r4}, {@in6=@mcast2, 0x4d4, 0x33}, @in6=@mcast2, {0xffffffffffffffff, 0x44, 0x76, 0xffff, 0x6, 0x52, 0xe5, 0xfffffffffffffffa}, {0xffffffffffffff00, 0x9, 0xa98, 0x1}, {0x7, 0xfffffffc, 0xd94}, 0x70bd2b, 0x0, 0x2, 0x4, 0x2}, [@lifetime_val={0x24, 0x9, {0x73a0, 0x101, 0x7, 0x2}}, @extra_flags={0x8, 0x18, 0x80000001}]}, 0x11c}}, 0x4000)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="ec000000210001000000000000000000fc010000000000000000000000000000ac1414aa00000000000000000000000000000000000002090200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009c00110000000000000000000000000000000000fe"], 0xec}}, 0x0)
read$FUSE(r2, &(0x7f0000001880)={0x2020}, 0x2020)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)

4.735052736s ago: executing program 42 (id=6888):
ioctl$CEC_TRANSMIT(0xffffffffffffffff, 0xc0386105, &(0x7f0000000080)={0x10000, 0x0, 0x1, 0x10001, 0x2, 0x700, "c46519af4b2e657e8e659f0da5a552b7", 0x6, 0x6, 0xb, 0xc, 0x0, 0x9, 0x8})
openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
mq_open(0x0, 0x42, 0x0, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x0)

4.587450529s ago: executing program 43 (id=6887):
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_open_procfs(0x0, &(0x7f0000000200)='environ\x00')
socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
bind$netlink(r2, &(0x7f0000000140)={0x10, 0x0, 0x25dfdbfc, 0x4000}, 0xc)
r3 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r3, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
sendto$inet6(r3, &(0x7f00000000c0)="9d", 0x1, 0x20000854, &(0x7f0000000240)={0xa, 0x4e22, 0x65f, @dev={0xfe, 0x80, '\x00', 0x20}, 0x6}, 0x1c)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080), 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0x143b02)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000001100000095"], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x3a)
syz_open_dev$ndb(0x0, 0x0, 0x101000)

4.452837169s ago: executing program 44 (id=6896):
socket$can_bcm(0x1d, 0x2, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e20, @remote}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
socket$key(0xf, 0x3, 0x2)
syz_open_dev$sndctrl(0x0, 0x2, 0xe8e80)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x28, 0x0, @fd_index=0x1, 0xfffffffffffffffc, 0x0, 0x0, 0x22})
syz_emit_ethernet(0x2a, &(0x7f0000000280)=ANY=[@ANYBLOB="9b4307000001aaaaaaaaaa000800bc41d14286078bff0001907800000000ffffffffe0009078fffd000062"], 0x0)
io_uring_enter(0xffffffffffffffff, 0x48e9, 0x0, 0x6, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000480)={0xa, 0xfffc, 0x3, @empty, 0x5}, 0x1c)
ioctl$TIOCGPKT(0xffffffffffffffff, 0x80045438, &(0x7f0000000340))
r3 = socket(0x2b, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x8000000, 0x0, 0x0, 0x6, 0x0, 0x6e}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000000, 0x1, 0xff, 0x0, 0x4}, 0x20)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000008380), 0x400000000000174, 0x4008890)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0})
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)

4.421701215s ago: executing program 9 (id=6903):
pipe(&(0x7f0000000500))
fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="0200000004000000"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCSACTIVE(r2, 0x40107446, &(0x7f0000000080)={0x0, 0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0xbc, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x12, 0x0, {0x0, 0xffe0}, {}, {0x0, 0x9}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x8c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x2, 0x0, 0xf, 0xff, 0x0, 0x2, 0xb, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x1], 0x1, [0x1, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000], [0x0, 0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x30, 0xc, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_CMD={0x5, 0x2, 0x49}, @TCA_TAPRIO_SCHED_ENTRY_CMD={0x5}, @TCA_TAPRIO_SCHED_ENTRY_CMD={0x5}, @TCA_TAPRIO_SCHED_ENTRY_GATE_MASK={0x8, 0x3, 0x9}, @TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x8}]}]}]}}]}, 0xbc}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r4, @ANYBLOB="00000000000000001c001a800800028004000500080000003e"], 0x44}}, 0x0)

3.353321744s ago: executing program 7 (id=6904):
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000006c0)=""/236, &(0x7f0000000540)=0xec)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4881}, 0x8000)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

2.973684335s ago: executing program 7 (id=6905):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
socket$nl_audit(0x10, 0x3, 0x9)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0))
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_int(r4, 0x0, 0x32, &(0x7f0000000000), 0x4)

2.431568725s ago: executing program 7 (id=6906):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x9c, 0x4, 0x0, 0x0, 0x0, 0x9})
r0 = socket$netlink(0x10, 0x3, 0x15)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000fe42008a18eb3e691244050a94605d0b461d66e2ff0ab0220d7f47f64e6694aee5b72054f7897c116ea005c3d5c57b6f3620feca0eb9c093415f0b5dd7992ea644b72a2d6338075b36d54308aa2132d68e81e56c4b6f815f956d91fe229ee1d18117d8d42953f29c7cf16f740ad40af61420ede1c40730076207ca90296089d74caf867b8ecdba4feb1884f04a0d28be5781371d3fd7a1a412485831cbcaa5862e6cea8e36bb5e28f0b5c2ed9b907b61d01b10cb"], &(0x7f0000000300)='syzkaller\x00'}, 0x94)
r2 = openat$sndseq(0xffffff9c, &(0x7f0000001240), 0x88081)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000380)=0xd)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
read$eventfd(r4, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a45320, &(0x7f0000000240)={{0x80, 0xf7}, 'port1\x00', 0x3ee, 0x2062f, 0x3, 0x100, 0x0, 0xc, 0x3fc, 0x0, 0x7, 0xfd})
close_range(r1, 0xffffffffffffffff, 0x10000000000000)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x492f82, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
openat$tun(0xffffffffffffff9c, &(0x7f0000001800), 0xc0241, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000240)={r7}, 0xc)
r8 = openat$ppp(0xffffff9c, &(0x7f0000000140), 0x800, 0x0)
ioctl$PPPIOCCONNECT(r8, 0x4004743a, &(0x7f0000000180)=0x1)
sendmsg$NFT_BATCH(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}, 0x1, 0x0, 0x0, 0x44}, 0x0)
timer_create(0xb, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

2.03777325s ago: executing program 7 (id=6907):
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xec1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x84}, 0x44)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xb4, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x80}, {0x0, 0x7, 0x0, 0x7fffffff, 0x0, 0x2}, {0x2, 0xffffffffffffffff}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3}}, 0xb4}}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000640)='net/mcfilter6\x00')
preadv(r4, &(0x7f0000001640), 0x0, 0x86, 0x451)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f00000002c0)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000003c0), 0x0, 0x5, 0x0, 0x0, r5})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000340)={&(0x7f00000001c0)=[0x0, 0x0], &(0x7f00000004c0)=[{}, {}, {}, {}, {}, {}], &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0], 0x6, 0x4, 0x2, 0x0, r5})

1.089579939s ago: executing program 9 (id=6908):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000004c0)={0x18}, 0x18)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, 0x0, 0x0)
write$FUSE_INIT(r2, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x20200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4014, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}})
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x106, 0x1}}, 0x20)
writev(r4, &(0x7f0000004600)=[{&(0x7f0000004440)="a7", 0x1}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x40000000}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

923.708742ms ago: executing program 7 (id=6909):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000340), 0x15)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r1, 0x6, 0x0, 0x0, &(0x7f0000000bc0))
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703100000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9f5d1938037e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4014)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x400c084)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
fstat(r2, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
syz_io_uring_setup(0xa39, 0x0, 0x0, &(0x7f0000000340))
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000200)={0x2, @pix={0x8, 0x1, 0x32315559, 0x3, 0x5, 0x8, 0x9, 0x6, 0x0, 0x1, 0x1, 0x3}})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000058000000030a0102000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c0800014000000002080001400000003008000240000000030800014000000012080003"], 0x122}}, 0x0)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000040)='exfat\x00', 0x204000, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0xc)

0s ago: executing program 7 (id=6910):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x4e)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000003c0)}, {&(0x7f0000000440)="9472aef1629418da78f7", 0xa}], 0x2}], 0x1, 0x8001)
recvmsg$qrtr(r2, 0x0, 0x0, 0x10020)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000100)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r4 = timerfd_create(0x0, 0x0)
read(r4, &(0x7f0000000080)=""/149, 0x95)

kernel console output (not intermixed with test programs):

erface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1752.375748][T21344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1752.662812][T21351] hsr_slave_0: entered promiscuous mode
[ 1752.670784][T21351] hsr_slave_1: entered promiscuous mode
[ 1752.683777][T21351] debugfs: 'hsr0' already exists in 'hsr'
[ 1752.689585][T21351] Cannot create hsr debugfs directory
[ 1752.734376][T21344] hsr_slave_0: entered promiscuous mode
[ 1752.758226][T21344] hsr_slave_1: entered promiscuous mode
[ 1752.764677][T21344] debugfs: 'hsr0' already exists in 'hsr'
[ 1752.777068][T21344] Cannot create hsr debugfs directory
[ 1752.869219][T21367] chnl_net:caif_netlink_parms(): no params data found
[ 1752.905752][T11302] Bluetooth: hci2: command tx timeout
[ 1753.030365][T21317] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1753.126312][T17899] bridge_slave_1: left allmulticast mode
[ 1753.131996][T17899] bridge_slave_1: left promiscuous mode
[ 1753.138279][T17899] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1753.149636][T17899] bridge_slave_0: left allmulticast mode
[ 1753.155460][T17899] bridge_slave_0: left promiscuous mode
[ 1753.161362][T17899] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1753.175857][T17899] bridge_slave_1: left allmulticast mode
[ 1753.181535][T17899] bridge_slave_1: left promiscuous mode
[ 1753.187704][T17899] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1753.200314][T17899] bridge_slave_0: left allmulticast mode
[ 1753.206478][T17899] bridge_slave_0: left promiscuous mode
[ 1753.212203][T17899] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1753.705849][T11302] Bluetooth: hci0: command tx timeout
[ 1753.821416][T17899] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1753.842051][T17899] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1753.861891][T17899] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 1753.896256][T17899] bond0 (unregistering): Released all slaves
[ 1753.956123][T11302] Bluetooth: hci4: command tx timeout
[ 1754.122959][T21408] I/O error, dev loop5, sector 8 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 2
[ 1754.133199][T21408] bcachefs (/dev/loop5): error reading default superblock: IO error: -5
[ 1754.141977][T21408] I/O error, dev loop5, sector 7 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 2
[ 1754.151548][T21408] bcachefs (/dev/loop5): error reading superblock: IO error: -5
[ 1754.159400][T21408] bcachefs: bch2_fs_get_tree() error: EIO
[ 1754.198050][T17899] bond1 (unregistering): Released all slaves
[ 1754.995630][T11302] Bluetooth: hci2: command tx timeout
[ 1755.097706][T17899] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1755.120452][T17899] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1755.138965][T17899] bond0 (unregistering): Released all slaves
[ 1755.225180][T21367] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1755.264939][T21367] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1755.283905][T21367] bridge_slave_0: entered allmulticast mode
[ 1755.311210][T21367] bridge_slave_0: entered promiscuous mode
[ 1755.464937][T21367] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1755.474994][T21367] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1755.482591][T21367] bridge_slave_1: entered allmulticast mode
[ 1755.496825][T21367] bridge_slave_1: entered promiscuous mode
[ 1755.634863][T21351] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1755.700391][T21367] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1755.752705][T21367] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1755.796298][T11302] Bluetooth: hci0: command tx timeout
[ 1755.878658][T21317] 8021q: adding VLAN 0 to HW filter on device team0
[ 1756.053681][T21351] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1756.171239][T21367] team0: Port device team_slave_0 added
[ 1756.183001][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1756.190281][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1756.250946][T21351] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1756.282002][T21367] team0: Port device team_slave_1 added
[ 1756.386830][T21421] ntfs3(loop5): try to read out of volume at offset 0x0
[ 1756.421807][T21351] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1756.498700][T16841] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1756.505917][T16841] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1756.566483][T21367] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1756.573478][T21367] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1756.600777][T21367] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1756.642160][T21367] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1756.650822][T21367] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1756.676942][T21367] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1756.753100][T17899] hsr_slave_0: left promiscuous mode
[ 1756.759953][T17899] hsr_slave_1: left promiscuous mode
[ 1756.766366][T17899] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1756.773786][T17899] net_ratelimit: 30 callbacks suppressed
[ 1756.773822][T17899] batadv0: mtu less than device minimum
[ 1756.787000][T17899] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1756.798360][T17899] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1756.809801][T17899] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1756.821715][T17899] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1756.833220][T17899] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1756.844663][T17899] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1756.856379][T17899] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1756.867859][T17899] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1756.879334][T17899] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1756.908927][T17899] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1756.919544][T17899] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1756.959419][T17899] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1756.967541][T17899] batman_adv: batadv0: Interface deactivated: dummy0
[ 1756.974266][T17899] batman_adv: batadv0: Removing interface: dummy0
[ 1757.003348][T17899] hsr_slave_0: left promiscuous mode
[ 1757.010805][T17899] hsr_slave_1: left promiscuous mode
[ 1757.017069][T17899] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1757.064706][T17899] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1757.074197][T17899] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1757.113764][T17899] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1757.122669][T17899] batman_adv: batadv0: Interface deactivated: dummy0
[ 1757.140738][T17899] batman_adv: batadv0: Removing interface: dummy0
[ 1757.204304][T17899] veth1_macvtap: left promiscuous mode
[ 1757.217419][T17899] veth0_macvtap: left promiscuous mode
[ 1757.223235][T17899] veth1_vlan: left promiscuous mode
[ 1757.234724][T17899] veth0_vlan: left promiscuous mode
[ 1757.245158][T17899] veth1_macvtap: left promiscuous mode
[ 1757.261892][T17899] veth0_macvtap: left promiscuous mode
[ 1757.270082][T17899] veth1_vlan: left promiscuous mode
[ 1757.275467][T17899] veth0_vlan: left promiscuous mode
[ 1757.866263][T11302] Bluetooth: hci0: command tx timeout
[ 1758.729225][T17899] team0 (unregistering): Port device team_slave_1 removed
[ 1758.781873][T17899] team0 (unregistering): Port device team_slave_0 removed
[ 1760.557275][T17899] team0 (unregistering): Port device team_slave_1 removed
[ 1760.721232][T21445] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1760.721232][T21445]    program syz.5.4495 not setting count and/or reply_len properly
[ 1761.020298][T17899] team0 (unregistering): Port device team_slave_0 removed
[ 1761.702727][T14675] lo speed is unknown, defaulting to 1000
[ 1761.715695][T14675] infiniband syz2: ib_query_port failed (-19)
[ 1761.819043][T21367] hsr_slave_0: entered promiscuous mode
[ 1761.826043][T21367] hsr_slave_1: entered promiscuous mode
[ 1761.832460][T21367] debugfs: 'hsr0' already exists in 'hsr'
[ 1761.845762][T21367] Cannot create hsr debugfs directory
[ 1762.048626][T21344] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1762.132433][T21344] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1762.201900][T21344] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1762.212762][T21344] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1762.540566][T21351] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1763.522939][T21351] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1763.540489][T21351] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1763.628971][T21317] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1763.646487][T21351] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1764.049705][T17899] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1764.084449][T21344] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1764.205077][T17899] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1764.253170][T21344] 8021q: adding VLAN 0 to HW filter on device team0
[ 1764.335268][T21148] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1764.342444][T21148] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1764.415545][T17899] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1764.449738][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1764.456992][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1764.494522][T21317] veth0_vlan: entered promiscuous mode
[ 1764.562352][T17899] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1764.592751][T21367] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1764.618152][T21317] veth1_vlan: entered promiscuous mode
[ 1764.626929][T21367] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1764.674697][T21367] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1764.714900][T21367] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1764.811844][T21351] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1764.894066][T21317] veth0_macvtap: entered promiscuous mode
[ 1764.954178][T21351] 8021q: adding VLAN 0 to HW filter on device team0
[ 1764.974206][T21317] veth1_macvtap: entered promiscuous mode
[ 1765.022247][T17899] bridge_slave_1: left allmulticast mode
[ 1765.028351][T17899] bridge_slave_1: left promiscuous mode
[ 1765.062506][T17899] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1765.088149][T17899] bridge_slave_0: left allmulticast mode
[ 1765.093842][T17899] bridge_slave_0: left promiscuous mode
[ 1765.108922][T17899] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1766.060230][T17899] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1766.076221][T17899] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1766.098245][T17899] bond0 (unregistering): Released all slaves
[ 1766.119289][T17899] bond1 (unregistering): Released all slaves
[ 1766.140655][T16841] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1766.147913][T16841] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1766.174746][T16841] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1766.181981][T16841] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1766.240770][T21317] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1766.307645][T17899] IPVS: stopping backup sync thread 17421 ...
[ 1766.374718][T21317] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1766.431775][ T6307] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1766.476752][ T6307] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1766.525351][ T6307] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1766.541242][ T6307] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1766.584205][T21344] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1766.913836][T21367] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1766.944351][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1766.955272][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1767.024059][T16841] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1767.038801][T16841] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1767.075769][T17899] hsr_slave_0: left promiscuous mode
[ 1767.089792][T17899] hsr_slave_1: left promiscuous mode
[ 1767.126433][T17899] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1767.141686][T17899] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1767.189713][T17899] veth1_macvtap: left promiscuous mode
[ 1767.201953][T17899] veth0_macvtap: left promiscuous mode
[ 1767.207780][T17899] veth1_vlan: left promiscuous mode
[ 1767.213133][T17899] veth0_vlan: left promiscuous mode
[ 1767.240212][T21518] I/O error, dev loop5, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1767.250390][T21518] EXT4-fs (loop5): unable to read superblock
[ 1767.752133][T17899] team0 (unregistering): Port device team_slave_1 removed
[ 1767.799832][T17899] team0 (unregistering): Port device team_slave_0 removed
[ 1768.315527][T21367] 8021q: adding VLAN 0 to HW filter on device team0
[ 1768.401840][T21148] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1768.409022][T21148] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1768.468569][T21148] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1768.475756][T21148] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1768.665376][T21351] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1768.754398][T21344] veth0_vlan: entered promiscuous mode
[ 1768.816523][T21344] veth1_vlan: entered promiscuous mode
[ 1768.950976][T21351] veth0_vlan: entered promiscuous mode
[ 1768.981727][T21351] veth1_vlan: entered promiscuous mode
[ 1769.028115][T21344] veth0_macvtap: entered promiscuous mode
[ 1769.135197][T17899] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1769.188686][T21344] veth1_macvtap: entered promiscuous mode
[ 1769.213366][T21351] veth0_macvtap: entered promiscuous mode
[ 1769.303223][T21351] veth1_macvtap: entered promiscuous mode
[ 1769.408951][T17899] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1769.461922][T21344] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1769.494898][T21367] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1769.569118][T17899] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1769.729870][T21344] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1769.754474][T21351] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1769.892737][T14250] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1769.907775][T17899] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1769.921075][T14250] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1769.930206][T14250] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1769.942132][T14250] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1769.950559][T14250] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1769.964019][T21351] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1770.015534][ T6307] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1770.098331][ T6307] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1770.170674][ T6307] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1770.224283][ T6307] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1770.236258][ T6307] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1770.245011][ T6307] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1770.303003][ T6307] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1770.311581][T21530] lo speed is unknown, defaulting to 1000
[ 1770.316352][ T6307] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1770.486099][T21367] veth0_vlan: entered promiscuous mode
[ 1770.514311][T21146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1770.526357][T21146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1770.554737][T17899] bridge_slave_1: left allmulticast mode
[ 1770.560928][T17899] bridge_slave_1: left promiscuous mode
[ 1770.566893][T17899] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1770.579154][T17899] bridge_slave_0: left allmulticast mode
[ 1770.584800][T17899] bridge_slave_0: left promiscuous mode
[ 1770.591988][T17899] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1771.006163][T17899] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1771.017537][T17899] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1771.032284][T17899] bond0 (unregistering): Released all slaves
[ 1771.115725][T21146] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1771.145708][T21146] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1771.169719][T21367] veth1_vlan: entered promiscuous mode
[ 1771.200362][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1771.209105][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1771.261799][ T6307] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1771.276784][ T6307] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1771.649396][T21367] veth0_macvtap: entered promiscuous mode
[ 1772.399325][T11302] Bluetooth: hci1: command tx timeout
[ 1773.611926][T21367] veth1_macvtap: entered promiscuous mode
[ 1773.774798][T21561] lo speed is unknown, defaulting to 1000
[ 1773.914682][T17899] hsr_slave_0: left promiscuous mode
[ 1773.923518][T17899] hsr_slave_1: left promiscuous mode
[ 1773.979567][T17899] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1773.995816][T17899] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1774.024007][T17899] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1774.032717][T17899] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1774.066714][T17899] veth1_macvtap: left promiscuous mode
[ 1774.072301][T17899] veth0_macvtap: left promiscuous mode
[ 1774.078084][T17899] veth1_vlan: left promiscuous mode
[ 1774.083473][T17899] veth0_vlan: left promiscuous mode
[ 1774.219164][T17899] pim6reg (unregistering): left allmulticast mode
[ 1774.425788][T11302] Bluetooth: hci1: command tx timeout
[ 1775.006756][T21575] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input54
[ 1775.537852][T21586] MTD: Attempt to mount non-MTD device "/dev/loop8"
[ 1775.545329][T21586] cramfs: wrong magic
[ 1775.672501][T17899] team0 (unregistering): Port device team_slave_1 removed
[ 1775.770411][T17899] team0 (unregistering): Port device team_slave_0 removed
[ 1776.314476][T17899] lo (unregistering): left allmulticast mode
[ 1776.367326][T21367] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1776.452327][T21530] chnl_net:caif_netlink_parms(): no params data found
[ 1776.471108][T21367] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1776.505792][T11302] Bluetooth: hci1: command tx timeout
[ 1776.636107][T21591] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4525'.
[ 1776.683128][T16841] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1776.823006][T17894] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1776.834378][T21597] I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[ 1776.844600][T21597] hfsplus: unable to find HFS+ superblock
[ 1776.913858][T21530] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1776.931931][T21530] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1776.984787][T21530] bridge_slave_0: entered allmulticast mode
[ 1777.011278][T21530] bridge_slave_0: entered promiscuous mode
[ 1777.090858][T17894] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1777.112121][T17894] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1777.261359][T21530] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1777.590811][T21530] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1777.599573][T21530] bridge_slave_1: entered allmulticast mode
[ 1777.692637][T21530] bridge_slave_1: entered promiscuous mode
[ 1777.873835][T21530] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1777.888928][T21530] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1777.899796][T21609] netlink: 'syz.1.4530': attribute type 10 has an invalid length.
[ 1777.924254][T21609] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1777.931866][T21609] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1777.945139][T21609] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1777.952407][T21609] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1777.959979][T21609] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1777.967125][T21609] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1777.983889][T21609] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1778.073270][T21148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1778.081845][T21530] team0: Port device team_slave_0 added
[ 1778.089110][T21530] team0: Port device team_slave_1 added
[ 1778.117693][T21148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1778.202499][T21530] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1778.212241][T21530] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1778.238913][T21530] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1778.274901][T21530] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1778.284450][T21530] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1778.319457][T21530] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1778.345002][T17894] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1778.363971][T17894] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1778.493490][T21530] hsr_slave_0: entered promiscuous mode
[ 1778.512619][T21530] hsr_slave_1: entered promiscuous mode
[ 1778.524579][T21530] debugfs: 'hsr0' already exists in 'hsr'
[ 1778.534174][T21530] Cannot create hsr debugfs directory
[ 1778.585792][T11302] Bluetooth: hci1: command tx timeout
[ 1778.722395][T21504] libceph: connect (1)[c::]:6789 error -101
[ 1778.736440][T21504] libceph: mon0 (1)[c::]:6789 connect error
[ 1778.845907][T21639] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4537'.
[ 1778.920995][T21635] lo speed is unknown, defaulting to 1000
[ 1779.028143][    T9] libceph: connect (1)[c::]:6789 error -101
[ 1779.034555][    T9] libceph: mon0 (1)[c::]:6789 connect error
[ 1779.477491][T21629] ceph: No mds server is up or the cluster is laggy
[ 1779.564442][    T9] libceph: connect (1)[c::]:6789 error -101
[ 1779.622765][    T9] libceph: mon0 (1)[c::]:6789 connect error
[ 1781.142382][T21668] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4543'.
[ 1781.146146][T21671] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1781.161736][T21671] FAT-fs (loop8): unable to read boot sector
[ 1782.335285][T21530] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1782.881358][T21530] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1782.931255][T21530] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1782.955779][T21530] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1783.458892][T21695] I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1783.548290][T21695] MINIX-fs: unable to read superblock
[ 1784.059862][T21530] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1784.229551][T21530] 8021q: adding VLAN 0 to HW filter on device team0
[ 1784.283521][T21148] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1784.290760][T21148] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1784.291875][T21705] I/O error, dev loop8, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1784.312005][T21705] I/O error, dev loop8, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1784.373481][T21705] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1784.385505][T17906] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1784.392725][T17906] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1784.404820][T21705] I/O error, dev loop8, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1784.428114][T21705] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[ 1784.439157][T21705] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[ 1784.452280][T21705] UDF-fs: Scanning with blocksize 512 failed
[ 1784.462100][T21705] I/O error, dev loop8, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1784.478670][T21705] I/O error, dev loop8, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1784.499106][T21530] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1784.535161][T21705] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1784.563524][T21705] I/O error, dev loop8, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1784.564183][T21530] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1784.597342][T21705] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[ 1784.612764][T21705] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[ 1784.635446][T21705] UDF-fs: Scanning with blocksize 1024 failed
[ 1784.679759][T21705] I/O error, dev loop8, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1784.698576][T21705] I/O error, dev loop8, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1784.831043][T21705] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1784.853665][T21705] I/O error, dev loop8, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1784.863988][T21705] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[ 1784.874883][T21705] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[ 1784.882692][T21705] UDF-fs: Scanning with blocksize 2048 failed
[ 1784.890492][T21705] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1784.901337][T21705] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[ 1784.915956][T21705] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[ 1784.923823][T21705] UDF-fs: Scanning with blocksize 4096 failed
[ 1785.086157][T21705] UDF-fs: warning (device loop8): udf_fill_super: No partition found (1)
[ 1785.109797][T21725] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=256, location=256
[ 1785.198123][T21728] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1785.198123][T21728]    program syz.1.4558 not setting count and/or reply_len properly
[ 1785.383036][T21725] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=512, location=512
[ 1785.722470][T21725] UDF-fs: warning (device loop9): udf_load_vrs: No anchor found
[ 1785.748505][T21725] UDF-fs: Scanning with blocksize 512 failed
[ 1785.756027][T21725] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=256, location=256
[ 1785.775475][T21725] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=512, location=512
[ 1785.824198][T21725] UDF-fs: warning (device loop9): udf_load_vrs: No anchor found
[ 1785.837936][T21725] UDF-fs: Scanning with blocksize 1024 failed
[ 1785.844792][T21725] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=256, location=256
[ 1785.903897][T21725] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=512, location=512
[ 1785.945318][T21725] UDF-fs: warning (device loop9): udf_load_vrs: No anchor found
[ 1785.954611][T21725] UDF-fs: Scanning with blocksize 2048 failed
[ 1785.962800][T21725] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=256, location=256
[ 1785.973008][T21725] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=512, location=512
[ 1785.982869][T21725] UDF-fs: warning (device loop9): udf_load_vrs: No anchor found
[ 1786.007633][T21725] UDF-fs: Scanning with blocksize 4096 failed
[ 1786.013754][T21725] UDF-fs: warning (device loop9): udf_fill_super: No partition found (1)
[ 1786.315790][T21746] netlink: 'syz.2.4565': attribute type 10 has an invalid length.
[ 1786.345067][T21746] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1786.352893][T21746] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1786.391521][T21746] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1786.398933][T21746] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1786.406527][T21746] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1786.413725][T21746] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1786.521090][T21746] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1786.661533][T21530] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1786.869632][T11302] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 1786.890621][T11302] CPU: 1 UID: 0 PID: 11302 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT(full) 
[ 1786.890654][T11302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1786.890669][T11302] Workqueue: hci0 hci_rx_work
[ 1786.890705][T11302] Call Trace:
[ 1786.890715][T11302]  <TASK>
[ 1786.890725][T11302]  dump_stack_lvl+0x189/0x250
[ 1786.890759][T11302]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1786.890785][T11302]  ? __pfx__printk+0x10/0x10
[ 1786.890821][T11302]  ? kernfs_path_from_node+0x250/0x290
[ 1786.890848][T11302]  ? kernfs_path_from_node+0x2f/0x290
[ 1786.890881][T11302]  sysfs_create_dir_ns+0x259/0x280
[ 1786.890918][T11302]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1786.890949][T11302]  ? do_raw_spin_unlock+0x122/0x240
[ 1786.890980][T11302]  kobject_add_internal+0x59f/0xb40
[ 1786.891013][T11302]  kobject_add+0x155/0x220
[ 1786.891040][T11302]  ? __pfx_kobject_add+0x10/0x10
[ 1786.891062][T11302]  ? _raw_spin_unlock+0x28/0x50
[ 1786.891094][T11302]  ? get_device_parent+0x366/0x3a0
[ 1786.891125][T11302]  device_add+0x408/0xb50
[ 1786.891156][T11302]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1786.891186][T11302]  le_conn_complete_evt+0xc3a/0x1220
[ 1786.891234][T11302]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1786.891268][T11302]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1786.891286][T11302]  ? __asan_memcpy+0x40/0x70
[ 1786.891321][T11302]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1786.891339][T11302]  ? skb_pull_data+0xfb/0x200
[ 1786.891370][T11302]  hci_le_conn_complete_evt+0x187/0x450
[ 1786.891420][T11302]  hci_event_packet+0x78f/0x1200
[ 1786.891449][T11302]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1786.891480][T11302]  ? __pfx_hci_event_packet+0x10/0x10
[ 1786.891508][T11302]  ? kcov_remote_start+0x4d3/0x7f0
[ 1786.891534][T11302]  ? lockdep_hardirqs_on+0x90/0x150
[ 1786.891567][T11302]  ? hci_send_to_monitor+0xe2/0x570
[ 1786.891590][T11302]  hci_rx_work+0x46a/0xe80
[ 1786.891624][T11302]  ? process_scheduled_works+0x9ef/0x17b0
[ 1786.891656][T11302]  process_scheduled_works+0xae1/0x17b0
[ 1786.891718][T11302]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1786.891766][T11302]  worker_thread+0x8a0/0xda0
[ 1786.891799][T11302]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1786.891835][T11302]  ? __kthread_parkme+0x7b/0x200
[ 1786.891865][T11302]  kthread+0x711/0x8a0
[ 1786.891891][T11302]  ? __pfx_worker_thread+0x10/0x10
[ 1786.891926][T11302]  ? __pfx_kthread+0x10/0x10
[ 1786.891950][T11302]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1786.891976][T11302]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1786.892003][T11302]  ? __pfx_kthread+0x10/0x10
[ 1786.892027][T11302]  ret_from_fork+0x4bc/0x870
[ 1786.892058][T11302]  ? __pfx_ret_from_fork+0x10/0x10
[ 1786.892095][T11302]  ? __switch_to_asm+0x39/0x70
[ 1786.892119][T11302]  ? __switch_to_asm+0x33/0x70
[ 1786.892143][T11302]  ? __pfx_kthread+0x10/0x10
[ 1786.892166][T11302]  ret_from_fork_asm+0x1a/0x30
[ 1786.892211][T11302]  </TASK>
[ 1786.892243][T11302] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1787.188908][T11302] Bluetooth: hci0: failed to register connection device
[ 1787.606011][T21530] veth0_vlan: entered promiscuous mode
[ 1787.710913][T21530] veth1_vlan: entered promiscuous mode
[ 1788.524663][T21530] veth0_macvtap: entered promiscuous mode
[ 1788.556915][T21530] veth1_macvtap: entered promiscuous mode
[ 1788.620027][T21530] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1788.694758][T21787] blk_print_req_error: 11 callbacks suppressed
[ 1788.694787][T21787] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1788.706913][T21530] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1788.749831][T21787] FAT-fs (loop1): unable to read boot sector
[ 1788.756851][T21150] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1788.785808][T21150] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1788.802944][T21150] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1788.833104][T21150] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1788.932688][T21762] EXT4-fs: Ignoring removed nobh option
[ 1788.975142][T21762] I/O error, dev loop9, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1788.998912][T21762] EXT4-fs (loop9): unable to read superblock
[ 1789.085957][T21150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1789.093925][T21150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1789.208206][T21150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1789.231671][T21150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1789.555792][T14666] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1789.748291][T14666] usb 10-1: Using ep0 maxpacket: 32
[ 1789.783904][T14666] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[ 1789.841052][T14666] usb 10-1: config 0 has no interface number 0
[ 1789.861608][T14666] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1789.905924][T14666] usb 10-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1789.934613][T14666] usb 10-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[ 1789.953259][T14666] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1789.965418][T14666] usb 10-1: config 0 descriptor??
[ 1790.098119][T21784] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1790.162820][T21784] XFS (loop2): SB validate failed with error -5.
[ 1790.627439][T14666] uclogic 0003:28BD:0094.0019: pen parameters not found
[ 1790.634463][T14666] uclogic 0003:28BD:0094.0019: interface is invalid, ignoring
[ 1790.674377][T14666] usb 10-1: USB disconnect, device number 2
[ 1790.972815][T21830] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[ 1791.003223][T21830] SQUASHFS error: Failed to read block 0x0: -5
[ 1791.022179][T21830] unable to read squashfs_super_block
[ 1791.071569][T21825] I/O error, dev loop4, sector 8 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 1
[ 1791.081240][T21825] bcachefs (/dev/loop4): error reading default superblock: IO error: -5
[ 1791.089698][T21825] I/O error, dev loop4, sector 7 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 1
[ 1791.099167][T21825] bcachefs (/dev/loop4): error reading superblock: IO error: -5
[ 1791.107076][T21825] bcachefs: bch2_fs_get_tree() error: EIO
[ 1791.456159][T21841] netlink: 368 bytes leftover after parsing attributes in process `syz.1.4595'.
[ 1791.794378][T21821] I/O error, dev loop2, sector 8 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 2
[ 1791.814552][T21821] bcachefs (/dev/loop2): error reading default superblock: IO error: -5
[ 1791.823400][T21821] I/O error, dev loop2, sector 7 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 2
[ 1791.858157][T21821] bcachefs (/dev/loop2): error reading superblock: IO error: -5
[ 1791.895151][T21821] bcachefs: bch2_fs_get_tree() error: EIO
[ 1791.971216][T21848] EXT4-fs: inline encryption not supported
[ 1792.087024][T21844] nvme_fabrics: missing parameter 'transport=%s'
[ 1792.112710][T21844] nvme_fabrics: missing parameter 'nqn=%s'
[ 1792.121741][T21848] EXT4-fs: Ignoring removed i_version option
[ 1792.144648][T21848] I/O error, dev loop4, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1792.172588][T21848] EXT4-fs (loop4): unable to read superblock
[ 1793.648079][T11302] Bluetooth: hci0: command 0x0406 tx timeout
[ 1793.751871][T21865] f2fs: Unknown parameter '�����?c�Y��t�<Ss�B���p��L�-����<�Si����4�`o+��T�2��z�o�����}K����0 l��CG�r�>r�7X���7�ė��}����%'
[ 1793.916605][T21860] ntfs3(loop2): try to read out of volume at offset 0x0
[ 1794.901480][T21877] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 1
[ 1794.911453][T21877] XFS (loop9): SB validate failed with error -5.
[ 1795.861066][T21888] ntfs3(loop9): try to read out of volume at offset 0x0
[ 1796.265893][T21890] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1797.017790][T21900] I/O error, dev loop2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1797.118299][T21900] I/O error, dev loop2, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1797.195850][T21900] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[ 1797.219497][T21900] I/O error, dev loop2, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1797.264349][T21900] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[ 1797.276725][T21900] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[ 1797.284394][T21900] UDF-fs: Scanning with blocksize 512 failed
[ 1797.292563][T21900] I/O error, dev loop2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1797.305516][T21900] I/O error, dev loop2, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1797.345794][T21900] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[ 1797.371788][T21900] I/O error, dev loop2, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1797.406277][T21900] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[ 1797.430000][T21900] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[ 1797.454804][T21900] UDF-fs: Scanning with blocksize 1024 failed
[ 1797.463574][T21904] netlink: 368 bytes leftover after parsing attributes in process `syz.4.4611'.
[ 1797.475424][T21900] I/O error, dev loop2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1797.511668][T21900] I/O error, dev loop2, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1797.535764][T21900] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[ 1797.563763][T21900] I/O error, dev loop2, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1797.588741][T21900] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[ 1797.602041][T21900] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[ 1797.621868][T21900] UDF-fs: Scanning with blocksize 2048 failed
[ 1797.632129][T21900] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[ 1797.645530][T21900] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[ 1797.661383][T21900] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[ 1797.672387][T21900] UDF-fs: Scanning with blocksize 4096 failed
[ 1797.682624][T21900] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1)
[ 1798.143136][T21913] nvme_fabrics: missing parameter 'transport=%s'
[ 1798.151759][T21913] nvme_fabrics: missing parameter 'nqn=%s'
[ 1798.779246][T21939] FAT-fs (loop1): unable to read boot sector
[ 1799.812462][T11302] Bluetooth: hci4: command tx timeout
[ 1800.261030][T21922] blk_print_req_error: 4 callbacks suppressed
[ 1800.261053][T21922] I/O error, dev loop2, sector 8 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 2
[ 1800.329470][T21922] bcachefs (/dev/loop2): error reading default superblock: IO error: -5
[ 1800.381422][T21922] I/O error, dev loop2, sector 7 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 2
[ 1800.907140][T21922] bcachefs (/dev/loop2): error reading superblock: IO error: -5
[ 1800.915389][T21922] bcachefs: bch2_fs_get_tree() error: EIO
[ 1801.976444][T11302] Bluetooth: hci4: command 0x0406 tx timeout
[ 1802.553393][T21983] nvme_fabrics: missing parameter 'transport=%s'
[ 1802.583378][T21983] nvme_fabrics: missing parameter 'nqn=%s'
[ 1802.599827][T21990] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1802.639581][T21990] FAT-fs (loop8): unable to read boot sector
[ 1804.111900][T22009] netlink: 368 bytes leftover after parsing attributes in process `syz.9.4648'.
[ 1804.299169][T22015] netlink: 'syz.1.4647': attribute type 10 has an invalid length.
[ 1804.348555][T22015] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1804.356537][T22015] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1805.114781][   T61] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1805.427938][T22025] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1805.439387][T22025] XFS (loop4): SB validate failed with error -5.
[ 1805.838021][   T61] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1806.217812][   T61] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1807.448229][   T61] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1807.564131][T22059] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4663'.
[ 1807.585306][T11302] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1807.619651][T11302] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1807.637854][T11302] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1807.676319][T11302] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1807.698322][T11302] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1807.724361][T22059] netlink: 76 bytes leftover after parsing attributes in process `syz.8.4663'.
[ 1807.852264][T22060] lo speed is unknown, defaulting to 1000
[ 1808.072002][T22069] netlink: 'syz.8.4665': attribute type 11 has an invalid length.
[ 1808.393527][   T61] bridge_slave_1: left allmulticast mode
[ 1808.403352][   T61] bridge_slave_1: left promiscuous mode
[ 1808.413053][   T61] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1809.204406][T22074] nvme_fabrics: missing parameter 'transport=%s'
[ 1809.542579][   T61] bridge_slave_0: left allmulticast mode
[ 1809.546291][T22074] nvme_fabrics: missing parameter 'nqn=%s'
[ 1809.558348][T14660] hid-generic 0000:0003:0001.001A: unknown main item tag 0x0
[ 1809.580451][T14660] hid-generic 0000:0003:0001.001A: unknown main item tag 0x0
[ 1809.591507][   T61] bridge_slave_0: left promiscuous mode
[ 1809.596487][T14660] hid-generic 0000:0003:0001.001A: hidraw0: <UNKNOWN> HID v0.03 Device [syz0] on syz1
[ 1810.077024][T14250] Bluetooth: hci0: command tx timeout
[ 1810.182370][   T61] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1810.390990][T22091] overlayfs: failed to clone upperpath
[ 1811.635813][   T61] bond0 (unregistering): (slave bridge0): Releasing backup interface
[ 1811.882053][   T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1811.893654][   T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1811.904125][   T61] bond0 (unregistering): Released all slaves
[ 1812.105873][T11302] Bluetooth: hci0: command tx timeout
[ 1812.131739][T22114] netlink: 'syz.8.4678': attribute type 11 has an invalid length.
[ 1812.811819][   T61] hsr_slave_0: left promiscuous mode
[ 1812.886653][   T61] hsr_slave_1: left promiscuous mode
[ 1812.917870][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1812.945219][   T61] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1813.131821][   T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1813.161657][   T61] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1814.089716][   T61] veth1_macvtap: left promiscuous mode
[ 1814.096549][   T61] veth0_macvtap: left promiscuous mode
[ 1814.102516][   T61] veth1_vlan: left promiscuous mode
[ 1814.108296][   T61] veth0_vlan: left promiscuous mode
[ 1814.201342][T11302] Bluetooth: hci0: command tx timeout
[ 1814.278288][T22143] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4687'.
[ 1814.312226][T22141] 9pnet: p9_errstr2errno: server reported unknown error �@c�F	S+���+
[ 1815.656230][T22158] overlayfs: failed to clone upperpath
[ 1815.714385][   T61] team0 (unregistering): Port device team_slave_1 removed
[ 1815.812533][   T61] team0 (unregistering): Port device team_slave_0 removed
[ 1816.276221][T11302] Bluetooth: hci0: command tx timeout
[ 1816.955316][T22060] chnl_net:caif_netlink_parms(): no params data found
[ 1817.050786][T22173] I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1817.106339][T22173] EXT4-fs (loop1): unable to read superblock
[ 1817.221083][T22176] bridge_slave_0: left allmulticast mode
[ 1817.232233][T22176] bridge_slave_0: left promiscuous mode
[ 1817.241018][T22176] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1817.260095][T22176] bridge_slave_1: left allmulticast mode
[ 1817.266412][T22176] bridge_slave_1: left promiscuous mode
[ 1817.274003][T22176] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1817.320926][T22176] bond0: (slave bond_slave_0): Releasing backup interface
[ 1817.335107][T22176] bond0: (slave bond_slave_1): Releasing backup interface
[ 1817.359254][T22176] team0: Port device team_slave_0 removed
[ 1817.372998][T22176] team0: Port device team_slave_1 removed
[ 1817.381178][T22176] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1817.391162][T22176] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1817.402942][T22176] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1817.411143][T22176] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1817.433763][T22176] net_ratelimit: 70 callbacks suppressed
[ 1817.433787][T22176] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1817.496999][T22181] team0: Mode changed to "roundrobin"
[ 1817.622968][T22184] vlan0: entered promiscuous mode
[ 1817.647550][T22184] team0: Port device vlan0 added
[ 1817.749266][T22186] tipc: Started in network mode
[ 1817.756291][T22186] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[ 1817.776615][T22186] tipc: Enabled bearer <eth:team0>, priority 0
[ 1817.937472][T22060] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1817.961708][T22060] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1817.979401][T22060] bridge_slave_0: entered allmulticast mode
[ 1818.005113][T22060] bridge_slave_0: entered promiscuous mode
[ 1818.027619][T22060] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1818.096007][T22060] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1818.138274][T22060] bridge_slave_1: entered allmulticast mode
[ 1818.157042][T22060] bridge_slave_1: entered promiscuous mode
[ 1818.217103][T22205] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4705'.
[ 1818.407981][T22060] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1818.472277][T22060] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1818.620343][T22060] team0: Port device team_slave_0 added
[ 1818.653105][T22060] team0: Port device team_slave_1 added
[ 1818.785370][T22060] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1818.793293][T22060] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1818.845053][T22060] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1818.898651][T13435] tipc: Node number set to 11578026
[ 1818.898651][T22060] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1818.910791][T22060] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1818.939362][T22060] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1819.253045][T22060] hsr_slave_0: entered promiscuous mode
[ 1819.260619][T22226] binder: 22224:22226 unknown command 0
[ 1819.305520][T22060] hsr_slave_1: entered promiscuous mode
[ 1819.314537][T22060] debugfs: 'hsr0' already exists in 'hsr'
[ 1819.327242][T22226] binder: 22224:22226 ioctl c0306201 200000000080 returned -22
[ 1819.348611][T22060] Cannot create hsr debugfs directory
[ 1819.369736][T22228] binder: 22224:22228 ioctl c0306201 0 returned -14
[ 1821.217187][T22260] binder: 22258:22260 unknown command 0
[ 1821.222796][T22260] binder: 22258:22260 ioctl c0306201 200000000080 returned -22
[ 1821.310786][T22260] binder: 22258:22260 ioctl c0306201 0 returned -14
[ 1822.039195][T14250] Bluetooth: hci3: command tx timeout
[ 1822.212842][T22060] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1822.275861][T22284] netlink: 'syz.1.4736': attribute type 1 has an invalid length.
[ 1822.310416][T22060] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1822.320147][T22284] netlink: 224 bytes leftover after parsing attributes in process `syz.1.4736'.
[ 1822.362234][T22060] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1822.404351][T22060] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1823.586556][T22302] binder: 22301:22302 unknown command 0
[ 1823.592350][T22302] binder: 22301:22302 ioctl c0306201 200000000080 returned -22
[ 1823.598779][T22060] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1823.639088][T22060] 8021q: adding VLAN 0 to HW filter on device team0
[ 1823.683421][T21150] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1823.691450][T21150] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1823.734411][T12332] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1823.741916][T12332] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1823.784995][T22280] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1823.808367][T22280] XFS (loop8): SB validate failed with error -5.
[ 1823.956031][T14250] Bluetooth: hci2: command tx timeout
[ 1824.106013][T14250] Bluetooth: hci3: command 0x0419 tx timeout
[ 1825.262581][T22344] EXT4-fs: Ignoring removed nobh option
[ 1825.273075][T22344] I/O error, dev loop8, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 1
[ 1825.283127][T22344] EXT4-fs (loop8): unable to read superblock
[ 1825.939141][T22060] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1826.028185][T11302] Bluetooth: hci2: command tx timeout
[ 1826.185710][T11302] Bluetooth: hci3: command 0x0419 tx timeout
[ 1826.600856][T22363] I/O error, dev loop8, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1826.701727][T22363] EXT4-fs (loop8): unable to read superblock
[ 1826.743215][T22363] I/O error, dev loop8, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1826.753471][T22363] I/O error, dev loop8, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1826.763171][T22363] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1826.773023][T22363] I/O error, dev loop8, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1826.782451][T22363] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[ 1826.793094][T22363] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[ 1826.800969][T22363] UDF-fs: Scanning with blocksize 512 failed
[ 1826.807691][T22363] I/O error, dev loop8, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1826.817320][T22363] I/O error, dev loop8, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1826.826953][T22363] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1826.836730][T22363] I/O error, dev loop8, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1826.846238][T22363] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[ 1826.856071][T22363] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[ 1826.863798][T22363] UDF-fs: Scanning with blocksize 1024 failed
[ 1826.870696][T22363] I/O error, dev loop8, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1826.880378][T22363] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1826.890296][T22363] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[ 1826.900662][T22363] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[ 1826.908396][T22363] UDF-fs: Scanning with blocksize 2048 failed
[ 1826.915169][T22363] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1826.925008][T22363] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[ 1826.934695][T22363] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[ 1826.942412][T22363] UDF-fs: Scanning with blocksize 4096 failed
[ 1826.948507][T22363] UDF-fs: warning (device loop8): udf_fill_super: No partition found (1)
[ 1827.585297][T22060] veth0_vlan: entered promiscuous mode
[ 1827.625208][T22060] veth1_vlan: entered promiscuous mode
[ 1827.739457][T22060] veth0_macvtap: entered promiscuous mode
[ 1827.765905][T22060] veth1_macvtap: entered promiscuous mode
[ 1827.848423][T22060] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1827.902733][T22060] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1827.952479][T17894] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1827.979266][T17894] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1828.002884][T17894] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1828.025153][T22382] binder: 22381:22382 unknown command 0
[ 1828.035325][T22382] binder: 22381:22382 ioctl c0306201 200000000080 returned -22
[ 1828.049389][T17894] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1828.114842][T14250] Bluetooth: hci2: command 0x0406 tx timeout
[ 1828.172195][T22354] (syz.1.4755,22354,1):ocfs2_get_sector:1714 ERROR: status = -5
[ 1828.180969][T22354] (syz.1.4755,22354,1):ocfs2_sb_probe:753 ERROR: status = -5
[ 1828.189747][T22354] (syz.1.4755,22354,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[ 1828.201662][T22354] (syz.1.4755,22354,1):ocfs2_fill_super:1177 ERROR: status = -5
[ 1828.294369][T17897] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1828.312274][T17897] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1828.361847][T22390] binder: 22389:22390 unknown command 0
[ 1828.385063][T22390] binder: 22389:22390 ioctl c0306201 200000000080 returned -22
[ 1828.394921][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1828.401399][T22390] binder: 22389:22390 ioctl c0306201 0 returned -14
[ 1828.413026][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1830.938808][T22422] overlayfs: failed to clone upperpath
[ 1831.034303][T22426] binder: 22425:22426 unknown command 0
[ 1831.052644][T22426] binder: 22425:22426 ioctl c0306201 200000000080 returned -22
[ 1831.086683][T22426] binder: 22425:22426 ioctl c0306201 0 returned -14
[ 1831.134479][T22430] netlink: 368 bytes leftover after parsing attributes in process `syz.9.4785'.
[ 1834.688965][T22459] overlayfs: failed to clone upperpath
[ 1834.704787][T22461] netlink: 'syz.1.4788': attribute type 10 has an invalid length.
[ 1834.790992][T22465] binder: 22463:22465 unknown command 0
[ 1834.802286][T22465] binder: 22463:22465 ioctl c0306201 200000000080 returned -22
[ 1835.573116][T22475] overlayfs: failed to clone upperpath
[ 1838.050541][T22487] blk_print_req_error: 6 callbacks suppressed
[ 1838.050562][T22487] I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1838.601570][T22492] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1838.601570][T22492]    program syz.8.4803 not setting count and/or reply_len properly
[ 1838.980468][T22487] EXT4-fs (loop1): unable to read superblock
[ 1842.233629][T22539] overlayfs: failed to resolve './file1': -2
[ 1842.370166][T22544] overlayfs: failed to resolve './bus': -2
[ 1846.081029][T22586] overlayfs: failed to resolve './bus': -2
[ 1848.429386][T22611] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1848.488433][T22611] hpfs: hpfs_map_sector(): read error
[ 1848.670885][T22614] overlayfs: failed to resolve './bus': -2
[ 1848.820278][T22617] binder: 22608:22617 ioctl 4018620d 0 returned -22
[ 1849.871939][T22633] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1851.995930][T14668] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1852.575693][T14668] usb 7-1: Using ep0 maxpacket: 32
[ 1852.661665][T14668] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[ 1852.670469][T14668] usb 7-1: config 0 has no interface number 0
[ 1852.710381][T14668] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1852.728081][T14668] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1852.740487][T14668] usb 7-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[ 1852.761766][T14668] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1852.778165][T14668] usb 7-1: config 0 descriptor??
[ 1853.287715][T22646] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1853.299271][T22646] XFS (loop4): SB validate failed with error -5.
[ 1853.431118][T14668] uclogic 0003:28BD:0094.001B: pen parameters not found
[ 1853.460247][T14668] uclogic 0003:28BD:0094.001B: interface is invalid, ignoring
[ 1853.707138][T14668] usb 7-1: USB disconnect, device number 2
[ 1853.902221][T22677] overlayfs: failed to clone upperpath
[ 1854.303289][T22687] batman_adv: batadv0: Adding interface: dummy0
[ 1854.309671][T22687] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1854.409816][T22687] batman_adv: batadv0: Interface activated: dummy0
[ 1854.420802][T22690] batadv0: mtu less than device minimum
[ 1854.428582][T22690] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1854.442295][T22690] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1854.454724][T22690] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1854.467551][T22690] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1854.480189][T22690] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1854.492121][T22690] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1854.503599][T22690] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1854.515588][T22690] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1854.528447][T22690] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1854.736392][T22693] binder: 22692:22693 unknown command 0
[ 1854.742179][T22693] binder: 22692:22693 ioctl c0306201 200000000080 returned -22
[ 1855.593577][T22708] overlayfs: failed to clone upperpath
[ 1856.539471][T22723] vivid-000: disconnect
[ 1856.581338][T22720] vivid-000: reconnect
[ 1857.613326][T22740] netlink: 'syz.1.4891': attribute type 10 has an invalid length.
[ 1859.203685][T22755] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4897'.
[ 1859.672634][T22770] netlink: 'syz.6.4903': attribute type 10 has an invalid length.
[ 1859.724235][T22770] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1859.732114][T22770] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1859.788982][T22770] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1859.796278][T22770] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1859.803950][T22770] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1859.811225][T22770] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1859.838255][T22777] XFS (nullb0): Invalid superblock magic number
[ 1859.881240][T22770] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1860.125272][T22752] I/O error, dev loop8, sector 8 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 2
[ 1860.138932][T22752] bcachefs (/dev/loop8): error reading default superblock: IO error: -5
[ 1860.199500][T22752] I/O error, dev loop8, sector 7 op 0x0:(READ) flags 0x1800 phys_seg 1 prio class 2
[ 1860.286393][T22752] bcachefs (/dev/loop8): error reading superblock: IO error: -5
[ 1860.299687][T22752] bcachefs: bch2_fs_get_tree() error: EIO
[ 1860.755682][    T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1860.905918][    T9] usb 7-1: Using ep0 maxpacket: 16
[ 1860.937532][    T9] usb 7-1: New USB device found, idVendor=05dc, idProduct=0001, bcdDevice= 0.01
[ 1860.983161][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1861.014743][    T9] usb 7-1: Product: syz
[ 1861.024001][    T9] usb 7-1: Manufacturer: syz
[ 1861.034178][    T9] usb 7-1: SerialNumber: syz
[ 1861.068837][    T9] usb 7-1: config 0 descriptor??
[ 1861.117041][    T9] ums-jumpshot 7-1:0.0: USB Mass Storage device detected
[ 1861.193241][    T9] ums-jumpshot 7-1:0.0: Quirks match for vid 05dc pid 0001: 2
[ 1862.070491][T14250] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[ 1862.081228][T14250] CPU: 0 UID: 0 PID: 14250 Comm: kworker/u9:1 Not tainted syzkaller #0 PREEMPT(full) 
[ 1862.081250][T14250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1862.081262][T14250] Workqueue: hci1 hci_rx_work
[ 1862.081288][T14250] Call Trace:
[ 1862.081295][T14250]  <TASK>
[ 1862.081304][T14250]  dump_stack_lvl+0x189/0x250
[ 1862.081330][T14250]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1862.081349][T14250]  ? __pfx__printk+0x10/0x10
[ 1862.081377][T14250]  ? kernfs_path_from_node+0x250/0x290
[ 1862.081397][T14250]  ? kernfs_path_from_node+0x2f/0x290
[ 1862.081421][T14250]  sysfs_create_dir_ns+0x259/0x280
[ 1862.081443][T14250]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1862.081464][T14250]  ? do_raw_spin_unlock+0x122/0x240
[ 1862.081488][T14250]  kobject_add_internal+0x59f/0xb40
[ 1862.081512][T14250]  kobject_add+0x155/0x220
[ 1862.081531][T14250]  ? __pfx_kobject_add+0x10/0x10
[ 1862.081546][T14250]  ? _raw_spin_unlock+0x28/0x50
[ 1862.081570][T14250]  ? get_device_parent+0x366/0x3a0
[ 1862.081593][T14250]  device_add+0x408/0xb50
[ 1862.081615][T14250]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1862.081636][T14250]  le_conn_complete_evt+0xc3a/0x1220
[ 1862.081672][T14250]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1862.081697][T14250]  ? __mutex_unlock_slowpath+0x1a1/0x740
[ 1862.081710][T14250]  ? __asan_memcpy+0x40/0x70
[ 1862.081745][T14250]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1862.081759][T14250]  ? skb_pull_data+0xfb/0x200
[ 1862.081783][T14250]  hci_le_conn_complete_evt+0x187/0x450
[ 1862.081812][T14250]  hci_event_packet+0x78f/0x1200
[ 1862.081836][T14250]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1862.081861][T14250]  ? __pfx_hci_event_packet+0x10/0x10
[ 1862.081895][T14250]  ? kcov_remote_start+0x4d3/0x7f0
[ 1862.081918][T14250]  ? lockdep_hardirqs_on+0x90/0x150
[ 1862.081949][T14250]  ? hci_send_to_monitor+0xe2/0x570
[ 1862.081968][T14250]  hci_rx_work+0x46a/0xe80
[ 1862.081995][T14250]  ? process_scheduled_works+0x9ef/0x17b0
[ 1862.082020][T14250]  process_scheduled_works+0xae1/0x17b0
[ 1862.082067][T14250]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1862.082105][T14250]  worker_thread+0x8a0/0xda0
[ 1862.082150][T14250]  kthread+0x711/0x8a0
[ 1862.082179][T14250]  ? __pfx_worker_thread+0x10/0x10
[ 1862.082211][T14250]  ? __pfx_kthread+0x10/0x10
[ 1862.082238][T14250]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1862.082267][T14250]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1862.082293][T14250]  ? __pfx_kthread+0x10/0x10
[ 1862.082311][T14250]  ret_from_fork+0x4bc/0x870
[ 1862.082336][T14250]  ? __pfx_ret_from_fork+0x10/0x10
[ 1862.082364][T14250]  ? __switch_to_asm+0x39/0x70
[ 1862.082384][T14250]  ? __switch_to_asm+0x33/0x70
[ 1862.082403][T14250]  ? __pfx_kthread+0x10/0x10
[ 1862.082422][T14250]  ret_from_fork_asm+0x1a/0x30
[ 1862.082457][T14250]  </TASK>
[ 1862.082492][T14250] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1862.379434][T14250] Bluetooth: hci1: failed to register connection device
[ 1862.604247][T14666] usb 7-1: USB disconnect, device number 3
[ 1862.824817][T14250] Bluetooth: hci4: unexpected cc 0x203e length: 2 > 1
[ 1862.833297][T14250] Bluetooth: hci4: unexpected event for opcode 0x203e
[ 1863.235693][    T9] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1863.395698][    T9] usb 9-1: Using ep0 maxpacket: 32
[ 1863.403912][    T9] usb 9-1: config 0 has an invalid interface number: 35 but max is 0
[ 1863.506351][    T9] usb 9-1: config 0 has no interface number 0
[ 1863.515751][    T9] usb 9-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[ 1863.528396][    T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1863.537663][    T9] usb 9-1: Product: syz
[ 1863.544250][    T9] usb 9-1: Manufacturer: syz
[ 1863.549406][    T9] usb 9-1: SerialNumber: syz
[ 1864.253023][    T9] usb 9-1: config 0 descriptor??
[ 1864.486929][    T9] radio-si470x 9-1:0.35: this is not a si470x device.
[ 1864.771090][    T9] radio-raremono 9-1:0.35: Thanko's Raremono connected: (10C4:818A)
[ 1864.975459][T22828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1864.998393][T22828] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1865.066722][T11302] Bluetooth: hci3: command 0x0419 tx timeout
[ 1865.166572][T14250] Bluetooth: hci0: unexpected cc 0x203e length: 2 > 1
[ 1865.553047][T22874] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1866.905776][T14250] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[ 1866.914520][T14250] Bluetooth: hci4: Injecting HCI hardware error event
[ 1866.924110][T11302] Bluetooth: hci4: hardware error 0x00
[ 1867.061816][    T9] radio-raremono 9-1:0.35: raremono_cmd_main failed (-71)
[ 1867.094447][    T9] radio-raremono 9-1:0.35: V4L2 device registered as radio48
[ 1867.148714][    T9] usb 9-1: USB disconnect, device number 2
[ 1867.156708][    T9] radio-raremono 9-1:0.35: Thanko's Raremono disconnected
[ 1868.432991][T22915] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1869.419821][T14250] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[ 1869.429176][T14250] Bluetooth: hci0: Injecting HCI hardware error event
[ 1869.430430][T11302] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[ 1869.439540][T14250] Bluetooth: hci0: hardware error 0x00
[ 1870.187093][T19691] Bluetooth: hci2: command 0x0406 tx timeout
[ 1871.604937][T22944] Mount JFS Failure: -22
[ 1871.609406][T22944] jfs_mount failed w/return code = -22
[ 1872.541498][T14250] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1872.785821][T12773] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1872.955721][T12773] usb 9-1: Using ep0 maxpacket: 8
[ 1872.972452][T12773] usb 9-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab
[ 1872.995448][T12773] usb 9-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1873.004381][T12773] usb 9-1: Product: syz
[ 1873.010030][T12773] usb 9-1: Manufacturer: syz
[ 1873.017085][T12773] usb 9-1: SerialNumber: syz
[ 1873.036517][T12773] usb 9-1: config 0 descriptor??
[ 1873.913361][T12773] usb 9-1: USB disconnect, device number 3
[ 1875.299998][T22991] overlayfs: failed to resolve './bus': -2
[ 1877.082762][T22319] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1877.108209][T22319] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1877.117618][T22319] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1877.126053][T22319] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1877.134846][T22319] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1877.250768][T23031] lo speed is unknown, defaulting to 1000
[ 1877.382925][T23046] overlayfs: failed to clone upperpath
[ 1877.436970][T12773] usb 7-1: new low-speed USB device number 4 using dummy_hcd
[ 1877.568435][T23031] chnl_net:caif_netlink_parms(): no params data found
[ 1877.627989][T12773] usb 7-1: New USB device found, idVendor=046d, idProduct=08b1, bcdDevice=6d.2a
[ 1877.689684][T12773] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1877.701934][T12773] usb 7-1: config 0 descriptor??
[ 1877.735022][T12773] pwc: Logitech QuickCam Notebook Pro USB webcam detected.
[ 1877.886566][T23031] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1877.897440][T23031] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1877.906974][T23031] bridge_slave_0: entered allmulticast mode
[ 1877.923078][T23031] bridge_slave_0: entered promiscuous mode
[ 1877.941141][T12773] pwc: Failed to set LED on/off time (-71)
[ 1877.953984][T12773] pwc: send_video_command error -71
[ 1877.959835][T12773] pwc: Failed to set video mode VGA@30 fps; return code = -71
[ 1877.968883][T23031] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1877.976396][T12773] Philips webcam 7-1:0.0: probe with driver Philips webcam failed with error -71
[ 1877.986399][T23031] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1877.998611][T12773] usb 7-1: USB disconnect, device number 4
[ 1878.006432][T23031] bridge_slave_1: entered allmulticast mode
[ 1878.045028][T23031] bridge_slave_1: entered promiscuous mode
[ 1878.083789][T23063] overlayfs: failed to clone upperpath
[ 1878.193258][T23031] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1878.225061][T23031] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1878.352785][T23067] 9pnet: p9_errstr2errno: server reported unknown error �@c�F	S+���
[ 1878.380389][T23031] team0: Port device team_slave_0 added
[ 1878.443045][T23031] team0: Port device team_slave_1 added
[ 1878.655901][T23031] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1878.662919][T23031] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1878.796116][T23031] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1878.871365][T23076] batman_adv: batadv0: Adding interface: dummy0
[ 1878.899552][T23076] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1878.969587][T23079] overlayfs: failed to clone upperpath
[ 1878.995432][T23076] batman_adv: batadv0: Interface activated: dummy0
[ 1879.083472][T23077] net_ratelimit: 10 callbacks suppressed
[ 1879.083489][T23077] batadv0: mtu less than device minimum
[ 1879.107190][T23077] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1879.119090][T23077] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1879.131146][T23077] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1879.143189][T23077] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1879.155213][T23077] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1879.167492][T23077] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1879.179732][T23077] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1879.191287][T23077] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1879.202748][T23077] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1879.226002][T22319] Bluetooth: hci5: command tx timeout
[ 1879.276750][T23031] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1879.321278][T23031] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1879.359793][T23085] netlink: 'syz.9.5009': attribute type 10 has an invalid length.
[ 1879.419311][T23031] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1879.441421][T23085] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1879.455255][T23085] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 1879.515137][T23031] hsr_slave_0: entered promiscuous mode
[ 1879.581974][T23031] hsr_slave_1: entered promiscuous mode
[ 1879.682077][T23031] debugfs: 'hsr0' already exists in 'hsr'
[ 1879.790643][T23031] Cannot create hsr debugfs directory
[ 1879.883093][T23090] overlayfs: failed to clone upperpath
[ 1881.199816][T23116] overlayfs: failed to clone upperpath
[ 1881.306765][T22319] Bluetooth: hci5: command tx timeout
[ 1881.701909][T23125] overlayfs: failed to clone upperpath
[ 1881.791440][T23031] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1881.804233][T23031] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1881.890747][T23031] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1882.084455][T23031] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1882.670218][T23031] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1883.389018][T22319] Bluetooth: hci5: command tx timeout
[ 1883.512914][T23031] 8021q: adding VLAN 0 to HW filter on device team0
[ 1883.546229][T17897] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1883.553382][T17897] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1883.650456][T17897] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1883.657717][T17897] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1884.113175][T23031] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1884.475941][T23160] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5031'.
[ 1885.048670][T23031] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1885.485890][T22319] Bluetooth: hci5: command tx timeout
[ 1886.534261][T23199] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5044'.
[ 1886.731002][T23210] 9pnet_fd: Insufficient options for proto=fd
[ 1886.838500][T23031] veth0_vlan: entered promiscuous mode
[ 1886.870460][T22319] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[ 1886.902847][T23031] veth1_vlan: entered promiscuous mode
[ 1886.991561][T23031] veth0_macvtap: entered promiscuous mode
[ 1887.039023][T23031] veth1_macvtap: entered promiscuous mode
[ 1887.102358][T23031] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1887.156177][T23031] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1887.199216][T21152] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1888.186755][T17906] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1888.316829][T17906] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1888.408085][T17906] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1888.607306][T23232] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5057'.
[ 1888.697118][T17897] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1888.708855][T17897] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1888.883856][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1888.905080][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1890.391329][T23268] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5069'.
[ 1891.595750][T23282] binder: 23281:23282 unknown command 0
[ 1891.631336][T23286] binder: BINDER_SET_CONTEXT_MGR already set
[ 1891.645696][T23282] binder: 23281:23282 ioctl c0306201 200000000080 returned -22
[ 1891.650022][T23286] binder: 23281:23286 ioctl 4018620d 200000000040 returned -16
[ 1891.805457][T23291] overlayfs: failed to clone upperpath
[ 1891.913938][T23293] netlink: 'syz.7.5079': attribute type 10 has an invalid length.
[ 1891.923321][T14666] usb 7-1: new low-speed USB device number 5 using dummy_hcd
[ 1891.943062][T23293] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1891.950918][T23293] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1891.983209][T23293] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1891.990475][T23293] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1891.998105][T23293] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1892.005343][T23293] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1892.032211][T23293] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1892.098697][T14666] usb 7-1: New USB device found, idVendor=046d, idProduct=08b1, bcdDevice=6d.2a
[ 1892.108678][T14666] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1892.179182][T14666] usb 7-1: config 0 descriptor??
[ 1892.195212][T14666] pwc: Logitech QuickCam Notebook Pro USB webcam detected.
[ 1892.398909][T14666] pwc: Failed to set LED on/off time (-71)
[ 1892.407257][T14666] pwc: send_video_command error -71
[ 1892.419273][T14666] pwc: Failed to set video mode VGA@30 fps; return code = -71
[ 1892.427561][T22319] Bluetooth: hci5: command tx timeout
[ 1892.477106][T14666] Philips webcam 7-1:0.0: probe with driver Philips webcam failed with error -71
[ 1892.488914][T14666] usb 7-1: USB disconnect, device number 5
[ 1895.788638][T23337] netlink: 'syz.6.5094': attribute type 10 has an invalid length.
[ 1895.806321][T23337] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1895.813665][T23337] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1896.875431][T23343] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1896.875431][T23343]    program syz.6.5096 not setting count and/or reply_len properly
[ 1902.291217][T23388] netlink: 56 bytes leftover after parsing attributes in process `syz.7.5109'.
[ 1903.656721][T23410] netlink: 'syz.4.5116': attribute type 10 has an invalid length.
[ 1903.739845][T23410] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1905.922151][T23431] netlink: 56 bytes leftover after parsing attributes in process `syz.8.5123'.
[ 1911.031043][T23470] netlink: 56 bytes leftover after parsing attributes in process `syz.8.5134'.
[ 1912.262453][T23487] autofs: Unknown parameter './file0'
[ 1915.923621][T23524] autofs: Unknown parameter './file0'
[ 1917.249324][T23540] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.5155'.
[ 1917.573406][T23550] netlink: 'syz.7.5159': attribute type 10 has an invalid length.
[ 1917.593440][T23550] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1917.601166][T23550] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1918.860162][T23558] I/O error, dev loop7, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1918.877316][T23558] EXT4-fs (loop7): unable to read superblock
[ 1922.815641][T23594] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5172'.
[ 1926.126762][T23603] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[ 1926.126762][T23603]    program syz.6.5176 not setting count and/or reply_len properly
[ 1927.307498][T23625] overlayfs: failed to clone upperpath
[ 1928.379318][T23640] netlink: 56 bytes leftover after parsing attributes in process `syz.7.5185'.
[ 1928.607275][T23644] overlayfs: failed to clone upperpath
[ 1931.787771][T23679] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5197'.
[ 1932.457902][T23670] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1933.050972][T23693] overlayfs: failed to clone upperpath
[ 1933.351096][T23695] netlink: 368 bytes leftover after parsing attributes in process `syz.7.5202'.
[ 1936.358475][T23721] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5210'.
[ 1936.394351][T23723] autofs: Unknown parameter './file0'
[ 1936.409777][T23721] netlink: 44 bytes leftover after parsing attributes in process `syz.4.5210'.
[ 1937.551553][T23735] netlink: 368 bytes leftover after parsing attributes in process `syz.4.5215'.
[ 1937.735993][T23739] netlink: 56 bytes leftover after parsing attributes in process `syz.6.5216'.
[ 1938.160610][T23740] overlayfs: failed to clone upperpath
[ 1938.931009][T23744] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1939.240089][T23744] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1939.436079][T23744] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1939.921791][T23744] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1940.160263][T17906] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1940.170498][   T36] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1940.226335][   T36] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1940.245678][   T36] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1940.295990][T23762] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5223'.
[ 1941.804477][T23783] netlink: 165 bytes leftover after parsing attributes in process `syz.7.5228'.
[ 1944.240864][T23807] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5236'.
[ 1944.284184][T23796] overlayfs: failed to clone upperpath
[ 1944.414996][T23810] I/O error, dev loop6, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1944.458190][T23812] netlink: 'syz.4.5238': attribute type 11 has an invalid length.
[ 1944.467714][T23810] EXT4-fs (loop6): unable to read superblock
[ 1944.908882][T23820] autofs: Bad value for 'fd'
[ 1945.664544][T23836] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5247'.
[ 1946.136054][T23845] netlink: 'syz.6.5250': attribute type 11 has an invalid length.
[ 1946.572804][T23853] I/O error, dev loop7, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1946.586502][T23853] EXT4-fs (loop7): unable to read superblock
[ 1946.711064][T23855] autofs: Bad value for 'fd'
[ 1948.100375][T23870] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5258'.
[ 1949.310685][T23884] netlink: 'syz.6.5262': attribute type 11 has an invalid length.
[ 1949.684449][T23894] vxcan2: entered allmulticast mode
[ 1949.703167][T23893] I/O error, dev loop6, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1949.742654][T23893] EXT4-fs (loop6): unable to read superblock
[ 1949.751040][T23891] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1950.188341][T23902] netlink: 20 bytes leftover after parsing attributes in process `syz.9.5267'.
[ 1951.265787][T23910] netlink: 44 bytes leftover after parsing attributes in process `syz.8.5268'.
[ 1951.873582][T23913] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5270'.
[ 1953.017587][T23932] netlink: 'syz.4.5276': attribute type 11 has an invalid length.
[ 1955.807869][T23962] netlink: 368 bytes leftover after parsing attributes in process `syz.6.5288'.
[ 1955.914823][T23966] netlink: 'syz.7.5289': attribute type 11 has an invalid length.
[ 1956.311422][T23958] overlayfs: failed to clone upperpath
[ 1957.574234][T23975] netlink: 20 bytes leftover after parsing attributes in process `syz.7.5291'.
[ 1959.887226][T23998] netlink: 'syz.7.5301': attribute type 11 has an invalid length.
[ 1959.981967][T24004] netlink: 368 bytes leftover after parsing attributes in process `syz.6.5304'.
[ 1962.635052][T24013] overlayfs: failed to clone upperpath
[ 1962.832723][T24043] netlink: 'syz.8.5315': attribute type 11 has an invalid length.
[ 1963.334399][T24051] netlink: 368 bytes leftover after parsing attributes in process `syz.4.5319'.
[ 1966.543988][T24089] netlink: 'syz.6.5328': attribute type 11 has an invalid length.
[ 1966.635851][T24090] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5328'.
[ 1968.406213][T24102] fuse: Bad value for 'fd'
[ 1968.641728][T24104] netlink: 368 bytes leftover after parsing attributes in process `syz.6.5334'.
[ 1969.707770][T24098] overlayfs: failed to clone upperpath
[ 1969.900880][T24112] bridge_slave_1: left allmulticast mode
[ 1969.906923][T24112] bridge_slave_1: left promiscuous mode
[ 1969.912668][T24112] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1970.118012][T24112] net_ratelimit: 10 callbacks suppressed
[ 1970.118030][T24112] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[ 1971.292638][T24131] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5339'.
[ 1972.264634][T24145] 9pnet: p9_errstr2errno: server reported unknown error �@c�F	S+�
[ 1974.578144][T24159] veth0_to_team: entered promiscuous mode
[ 1974.676895][T24164] overlayfs: failed to clone upperpath
[ 1977.799601][T24192] 9pnet: p9_errstr2errno: server reported unknown error �@c�F	S+�
[ 1979.236400][T24227] fuse: Unknown parameter '184467440737095516150xffffffffffffffff'
[ 1979.246998][T24227] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5370'.
[ 1979.336612][T24225] 9pnet_fd: Insufficient options for proto=fd
[ 1979.923782][T24239] 9pnet: p9_errstr2errno: server reported unknown error �@c�F	S+�
[ 1980.330074][T24241] netlink: 'syz.8.5375': attribute type 11 has an invalid length.
[ 1980.381270][T24241] netlink: 16 bytes leftover after parsing attributes in process `syz.8.5375'.
[ 1982.269746][T24255] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1983.858047][T24273] netlink: 'syz.7.5387': attribute type 11 has an invalid length.
[ 1984.125188][T24273] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5387'.
[ 1984.658390][T24291] netlink: 'syz.7.5392': attribute type 1 has an invalid length.
[ 1984.666386][T24291] netlink: 'syz.7.5392': attribute type 2 has an invalid length.
[ 1984.676710][T24291] netlink: 148 bytes leftover after parsing attributes in process `syz.7.5392'.
[ 1990.339961][T24347] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5410'.
[ 1993.687282][T24383] netlink: 20 bytes leftover after parsing attributes in process `syz.7.5423'.
[ 1994.910618][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 1994.910637][   T30] audit: type=1326 audit(1766464125.509:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24389 comm="syz.6.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1298eba9 code=0x7ffc0000
[ 1995.031625][   T30] audit: type=1326 audit(1766464125.509:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24389 comm="syz.6.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1298eba9 code=0x7ffc0000
[ 1995.256151][   T30] audit: type=1326 audit(1766464125.569:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24389 comm="syz.6.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fde1298eba9 code=0x7ffc0000
[ 1995.319336][   T30] audit: type=1326 audit(1766464125.569:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24389 comm="syz.6.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1298eba9 code=0x7ffc0000
[ 1995.469912][   T30] audit: type=1326 audit(1766464125.579:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24389 comm="syz.6.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde1298eba9 code=0x7ffc0000
[ 1995.681344][   T30] audit: type=1326 audit(1766464125.579:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24389 comm="syz.6.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1298eba9 code=0x7ffc0000
[ 1995.745569][   T30] audit: type=1326 audit(1766464125.579:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24389 comm="syz.6.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde1298eba9 code=0x7ffc0000
[ 1995.793232][   T30] audit: type=1326 audit(1766464125.579:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24389 comm="syz.6.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1298eba9 code=0x7ffc0000
[ 1996.012746][   T30] audit: type=1326 audit(1766464125.579:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24389 comm="syz.6.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fde1298eba9 code=0x7ffc0000
[ 1996.051964][   T30] audit: type=1326 audit(1766464125.579:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24389 comm="syz.6.5426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1298eba9 code=0x7ffc0000
[ 1998.159688][T24433] lo speed is unknown, defaulting to 1000
[ 2010.209512][T24568] Invalid source name
[ 2012.880761][T24589] netlink: 'syz.4.5488': attribute type 11 has an invalid length.
[ 2013.140664][T24593] netlink: 'syz.9.5491': attribute type 1 has an invalid length.
[ 2014.160767][T24606] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5495'.
[ 2018.102731][T24635] netlink: 'syz.8.5504': attribute type 11 has an invalid length.
[ 2018.277937][T24636] No source specified
[ 2023.520166][T24680] netlink: 20 bytes leftover after parsing attributes in process `syz.6.5516'.
[ 2024.548261][T24693] autofs: Unknown parameter '0x0000000000000000'
[ 2027.682916][T24732] autofs: Unknown parameter '0x0000000000000000'
[ 2029.029645][T24745] overlayfs: failed to resolve './bus': -2
[ 2029.380539][T24753] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5541'.
[ 2029.812880][T24757] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5543'.
[ 2031.406300][T24777] autofs: Unknown parameter 'fd0x0000000000000000'
[ 2033.173651][T24807] overlayfs: failed to clone upperpath
[ 2033.871201][T24818] autofs: Unknown parameter 'fd0x0000000000000000'
[ 2035.632192][T24856] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5575'.
[ 2036.889903][T24868] 9pnet_fd: Insufficient options for proto=fd
[ 2038.897880][T24878] autofs: Unknown parameter 'fd0x0000000000000000'
[ 2038.941036][T24882] overlayfs: failed to clone upperpath
[ 2039.202532][T24885] netlink: 'syz.6.5585': attribute type 11 has an invalid length.
[ 2039.856445][T24898] 9pnet: p9_errstr2errno: server reported unknown error �@c�F	S+��
[ 2040.080683][T24905] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5592'.
[ 2040.584136][T24911] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5593'.
[ 2042.779415][T24925] netlink: 'syz.4.5598': attribute type 11 has an invalid length.
[ 2043.094892][T24930] netlink: 56 bytes leftover after parsing attributes in process `syz.8.5600'.
[ 2044.127520][T24934] overlayfs: failed to clone upperpath
[ 2046.188312][T24966] netlink: 'syz.4.5612': attribute type 11 has an invalid length.
[ 2046.870034][T24975] netlink: 56 bytes leftover after parsing attributes in process `syz.6.5615'.
[ 2048.568650][T21557] libceph: connect (1)[c::]:6789 error -101
[ 2048.581923][T21557] libceph: mon0 (1)[c::]:6789 connect error
[ 2048.702638][T24985] ceph: No mds server is up or the cluster is laggy
[ 2049.099820][T25007] netlink: 'syz.9.5624': attribute type 11 has an invalid length.
[ 2050.055175][T25005] overlayfs: failed to clone upperpath
[ 2050.776226][T25025] netlink: 56 bytes leftover after parsing attributes in process `syz.9.5629'.
[ 2053.890955][T25045] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[ 2055.290925][T25064] @: renamed from vlan0 (while UP)
[ 2057.619898][T25082] netlink: 56 bytes leftover after parsing attributes in process `syz.6.5647'.
[ 2057.879240][T25086] netlink: 368 bytes leftover after parsing attributes in process `syz.4.5650'.
[ 2060.612890][T25122] overlayfs: failed to clone upperpath
[ 2060.763706][T25126] netlink: 56 bytes leftover after parsing attributes in process `syz.7.5662'.
[ 2060.829570][T25130] netlink: 368 bytes leftover after parsing attributes in process `syz.6.5664'.
[ 2065.771755][T25168] netlink: 56 bytes leftover after parsing attributes in process `syz.6.5675'.
[ 2068.826325][T25196] overlayfs: failed to clone upperpath
[ 2071.836016][T25224] lo speed is unknown, defaulting to 1000
[ 2073.348238][T25242] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5695'.
[ 2074.466044][T25247] overlayfs: failed to clone upperpath
[ 2080.773998][T22319] Bluetooth: hci5: command 0x0406 tx timeout
[ 2080.966530][T25304] netlink: 56 bytes leftover after parsing attributes in process `syz.9.5716'.
[ 2081.165262][T25306] netlink: 368 bytes leftover after parsing attributes in process `syz.8.5715'.
[ 2083.167341][T25322] overlayfs: failed to clone upperpath
[ 2085.610776][T25342] batadv1: entered promiscuous mode
[ 2085.637808][T25342] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 2088.863265][T25375] netlink: 56 bytes leftover after parsing attributes in process `syz.6.5735'.
[ 2089.630385][T25379] rdma_op ffff88805f6e71f0 conn xmit_rdma 0000000000000000
[ 2094.800280][T25405] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5745'.
[ 2095.617726][T25435] Invalid source name
[ 2095.746206][T25437] netlink: 56 bytes leftover after parsing attributes in process `syz.9.5755'.
[ 2100.141545][T25470] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5766'.
[ 2108.958276][T25512] netlink: 'syz.9.5779': attribute type 10 has an invalid length.
[ 2109.007473][T25512] netlink: 40 bytes leftover after parsing attributes in process `syz.9.5779'.
[ 2109.029322][T25512] team0: entered promiscuous mode
[ 2109.065670][   T30] kauditd_printk_skb: 9 callbacks suppressed
[ 2109.065701][   T30] audit: type=1800 audit(1766464239.650:282): pid=25518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5782" name="file1" dev="tmpfs" ino=1365 res=0 errno=0
[ 2109.092574][T25512] team_slave_0: entered promiscuous mode
[ 2109.105498][T25512] team_slave_1: entered promiscuous mode
[ 2109.128066][T25512] team0: entered allmulticast mode
[ 2109.145024][T25512] team_slave_0: entered allmulticast mode
[ 2109.164779][T25512] team_slave_1: entered allmulticast mode
[ 2109.172859][T25512] bridge0: port 3(team0) entered blocking state
[ 2109.181058][T25512] bridge0: port 3(team0) entered disabled state
[ 2109.192575][T25512] bridge0: port 3(team0) entered blocking state
[ 2109.199174][T25512] bridge0: port 3(team0) entered forwarding state
[ 2110.525049][T25532] overlayfs: failed to clone upperpath
[ 2111.710212][T25550] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5794'.
[ 2111.958603][T25557] netlink: 165 bytes leftover after parsing attributes in process `syz.6.5793'.
[ 2121.347812][T25641] netlink: 'syz.9.5824': attribute type 10 has an invalid length.
[ 2121.355980][T25641] netlink: 40 bytes leftover after parsing attributes in process `syz.9.5824'.
[ 2122.640575][T25658] netlink: 'syz.6.5830': attribute type 1 has an invalid length.
[ 2122.700510][T25658] netlink: 'syz.6.5830': attribute type 2 has an invalid length.
[ 2123.105313][T21150] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[ 2123.133291][T21150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2123.160937][T21150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2123.540029][T25677] netlink: 'syz.6.5840': attribute type 8 has an invalid length.
[ 2129.571515][T25726] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5855'.
[ 2129.662482][T25726] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5855'.
[ 2129.725223][T14250] Bluetooth: hci5: Malformed MSFT vendor event: 0x02
[ 2129.804908][T25729] overlayfs: failed to resolve './file1': -2
[ 2130.076883][T25742] netlink: 368 bytes leftover after parsing attributes in process `syz.9.5862'.
[ 2132.151619][T25782] syz.7.5872 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[ 2132.901597][T25780] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 2133.096651][T25789] netlink: 368 bytes leftover after parsing attributes in process `syz.9.5880'.
[ 2136.959422][T25829] netlink: 'syz.4.5895': attribute type 10 has an invalid length.
[ 2136.992222][T25829] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5895'.
[ 2137.022141][T25829] team0: entered promiscuous mode
[ 2137.040326][T25829] team0: entered allmulticast mode
[ 2137.057515][T25829] vlan0: entered allmulticast mode
[ 2137.069460][T25829] veth0_vlan: entered allmulticast mode
[ 2137.083803][T25829] bridge0: port 1(team0) entered blocking state
[ 2137.090482][T25829] bridge0: port 1(team0) entered disabled state
[ 2137.828821][T25829] bridge0: port 1(team0) entered blocking state
[ 2137.835169][T25829] bridge0: port 1(team0) entered forwarding state
[ 2141.004288][T25874] netlink: 'syz.4.5912': attribute type 10 has an invalid length.
[ 2141.034743][T25874] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5912'.
[ 2144.189853][T25922] ip6gretap0 speed is unknown, defaulting to 1000
[ 2144.199168][T25922] ip6gretap0 speed is unknown, defaulting to 1000
[ 2144.206641][T25922] ip6gretap0 speed is unknown, defaulting to 1000
[ 2144.429732][T25922] infiniband syz2: set active
[ 2144.434729][T25922] infiniband syz2: added ip6gretap0
[ 2144.698558][T25922] RDS/IB: syz2: added
[ 2144.703746][T25922] smc: adding ib device syz2 with port count 1
[ 2144.710249][T25922] smc:    ib device syz2 port 1 has no pnetid
[ 2144.719513][T25922] ip6gretap0 speed is unknown, defaulting to 1000
[ 2144.962773][ T1543] ip6gretap0 speed is unknown, defaulting to 1000
[ 2144.971073][ T5947] ip6gretap0 speed is unknown, defaulting to 1000
[ 2145.021446][T25922] ip6gretap0 speed is unknown, defaulting to 1000
[ 2145.274191][T25922] ip6gretap0 speed is unknown, defaulting to 1000
[ 2145.516824][T25922] ip6gretap0 speed is unknown, defaulting to 1000
[ 2145.752632][T25922] ip6gretap0 speed is unknown, defaulting to 1000
[ 2146.089174][T25922] ip6gretap0 speed is unknown, defaulting to 1000
[ 2146.326460][T25922] ip6gretap0 speed is unknown, defaulting to 1000
[ 2146.569330][T25922] ip6gretap0 speed is unknown, defaulting to 1000
[ 2154.990168][T26000] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 2155.771308][T26016] fuse: Bad value for 'fd'
[ 2155.855609][T26017] overlayfs: missing 'lowerdir'
[ 2156.987418][T26025] netlink: 'syz.4.5953': attribute type 1 has an invalid length.
[ 2157.258658][T26025] veth3: entered promiscuous mode
[ 2158.202927][T26027] overlayfs: failed to clone upperpath
[ 2160.552295][T26055] netlink: 'syz.4.5964': attribute type 4 has an invalid length.
[ 2160.606960][T26059] netlink: 'syz.4.5964': attribute type 4 has an invalid length.
[ 2165.465845][   T30] audit: type=1326 audit(1766464296.030:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26102 comm="syz.7.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa19f8eba9 code=0x7ffc0000
[ 2165.625569][   T30] audit: type=1326 audit(1766464296.030:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26102 comm="syz.7.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa19f8eba9 code=0x7ffc0000
[ 2165.705740][   T30] audit: type=1326 audit(1766464296.040:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26102 comm="syz.7.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7ffa19f8eba9 code=0x7ffc0000
[ 2165.888132][   T30] audit: type=1326 audit(1766464296.040:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26102 comm="syz.7.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa19f8eba9 code=0x7ffc0000
[ 2166.020101][   T30] audit: type=1326 audit(1766464296.040:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26102 comm="syz.7.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ffa19f8eba9 code=0x7ffc0000
[ 2166.329123][   T30] audit: type=1326 audit(1766464296.040:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26102 comm="syz.7.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa19f8eba9 code=0x7ffc0000
[ 2166.404747][   T30] audit: type=1326 audit(1766464296.040:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26102 comm="syz.7.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ffa19f8eba9 code=0x7ffc0000
[ 2166.561947][   T30] audit: type=1326 audit(1766464296.150:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26102 comm="syz.7.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa19f8eba9 code=0x7ffc0000
[ 2166.821099][   T30] audit: type=1326 audit(1766464296.150:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26102 comm="syz.7.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa19f8eba9 code=0x7ffc0000
[ 2166.975625][   T30] audit: type=1326 audit(1766464296.150:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26102 comm="syz.7.5977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffa19f8eba9 code=0x7ffc0000
[ 2169.562795][T26141] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5987'.
[ 2171.425740][T26146] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5989'.
[ 2172.665111][T26162] 
: renamed from bridge_slave_0 (while UP)
[ 2173.435547][T26177] overlayfs: failed to clone upperpath
[ 2174.664843][T26191] netlink: 'syz.8.6003': attribute type 6 has an invalid length.
[ 2178.778294][T26223] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6014'.
[ 2178.787388][T26223] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6014'.
[ 2179.057417][T26223] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6014'.
[ 2179.066635][T26223] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6014'.
[ 2179.645473][T26240] netlink: 12 bytes leftover after parsing attributes in process `syz.9.6016'.
[ 2182.357204][T26278] netlink: 'syz.6.6021': attribute type 1 has an invalid length.
[ 2185.770295][T26307] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6029'.
[ 2186.856908][T26311] netlink: 'syz.6.6030': attribute type 21 has an invalid length.
[ 2186.864780][T26311] netlink: 128 bytes leftover after parsing attributes in process `syz.6.6030'.
[ 2187.085884][T26311] netlink: 'syz.6.6030': attribute type 4 has an invalid length.
[ 2187.093670][T26311] netlink: 3 bytes leftover after parsing attributes in process `syz.6.6030'.
[ 2193.458570][T26341] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2193.465980][T26341] bridge0: port 1(
) entered disabled state
[ 2193.530526][T26341] batman_adv: batadv0: Interface deactivated: dummy0
[ 2193.665276][T26341] veth0_to_team: left promiscuous mode
[ 2193.724766][T26341] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2193.761664][T26341] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2193.942023][ T1543] ip6gretap0 speed is unknown, defaulting to 1000
[ 2194.085434][T16841] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2194.125500][ T1543] syz2: Port: 1 Link DOWN
[ 2194.159431][T21148] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2194.187627][T21557] ip6gretap0 speed is unknown, defaulting to 1000
[ 2194.197484][T21148] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2194.230604][T21148] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 2194.621699][T26373] overlayfs: failed to clone upperpath
[ 2196.264286][T26415] netlink: 'syz.6.6058': attribute type 10 has an invalid length.
[ 2196.275146][T26415] netlink: 40 bytes leftover after parsing attributes in process `syz.6.6058'.
[ 2196.291368][T26415] team0: entered promiscuous mode
[ 2196.336608][T26415] team_slave_0: entered promiscuous mode
[ 2196.365124][T26415] team_slave_1: entered promiscuous mode
[ 2196.385042][T26415] team0: entered allmulticast mode
[ 2196.421848][T26415] team_slave_0: entered allmulticast mode
[ 2196.911294][T26415] team_slave_1: entered allmulticast mode
[ 2196.926310][T26415] bridge0: port 3(team0) entered blocking state
[ 2197.001987][T26415] bridge0: port 3(team0) entered disabled state
[ 2199.015368][    C0] hrtimer: interrupt took 51945 ns
[ 2199.707150][T26459] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6070'.
[ 2200.267823][T26458] netlink: 12 bytes leftover after parsing attributes in process `syz.9.6072'.
[ 2200.353662][T26439] overlayfs: failed to clone upperpath
[ 2200.675065][T26469] overlayfs: missing 'lowerdir'
[ 2201.351035][T26483] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6076'.
[ 2203.567335][T26516] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6087'.
[ 2203.968031][T26518] netlink: 27 bytes leftover after parsing attributes in process `syz.6.6091'.
[ 2205.738188][T26528] tipc: Started in network mode
[ 2205.743163][T26528] tipc: Node identity 4, cluster identity 4711
[ 2205.749423][T26528] tipc: Node number set to 4
[ 2207.527809][T26559] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6102'.
[ 2208.317870][ T1104] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[ 2208.338388][T26562] overlayfs: failed to clone upperpath
[ 2208.384319][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2208.423822][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2215.703294][T26607] netlink: 'syz.8.6117': attribute type 10 has an invalid length.
[ 2215.739276][T26607] netlink: 40 bytes leftover after parsing attributes in process `syz.8.6117'.
[ 2215.795445][T26612] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6116'.
[ 2216.469869][T26607] team0: entered promiscuous mode
[ 2216.475081][T26607] team_slave_0: entered promiscuous mode
[ 2216.481091][T26607] team_slave_1: entered promiscuous mode
[ 2216.491681][T26607] team0: entered allmulticast mode
[ 2216.498053][T26607] team_slave_0: entered allmulticast mode
[ 2216.504759][T26607] team_slave_1: entered allmulticast mode
[ 2216.513794][T26607] 8021q: adding VLAN 0 to HW filter on device team0
[ 2216.521612][T26607] bridge0: port 3(team0) entered blocking state
[ 2216.530224][T26607] bridge0: port 3(team0) entered disabled state
[ 2216.572190][T26616] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on
[ 2219.081790][T26664] netlink: 116 bytes leftover after parsing attributes in process `syz.9.6132'.
[ 2220.395758][T26641] overlayfs: failed to clone upperpath
[ 2226.455730][T26729] wg1: entered promiscuous mode
[ 2226.475492][T26729] wg1: entered allmulticast mode
[ 2226.588917][T26735] netlink: 'syz.4.6153': attribute type 10 has an invalid length.
[ 2226.635596][T26735] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6153'.
[ 2229.123666][T26760] overlayfs: failed to clone upperpath
[ 2232.624198][   T30] kauditd_printk_skb: 11 callbacks suppressed
[ 2232.624217][   T30] audit: type=1800 audit(1766464363.220:304): pid=26791 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.6172" name="nullb0" dev="tmpfs" ino=999 res=0 errno=0
[ 2236.017612][T26823] netlink: 20 bytes leftover after parsing attributes in process `syz.9.6183'.
[ 2236.096689][T26818] libceph: resolve '.
[ 2236.096689][T26818] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[ 2236.096689][T26818] ' (ret=-3): failed
[ 2237.531227][T26837] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2239.780314][T26836] overlayfs: failed to clone upperpath
[ 2241.843568][T26873] netlink: 368 bytes leftover after parsing attributes in process `syz.4.6199'.
[ 2242.047835][T26878] netlink: 116 bytes leftover after parsing attributes in process `syz.8.6200'.
[ 2242.519995][T14668] IPVS: starting estimator thread 0...
[ 2242.616071][T26883] IPVS: using max 25 ests per chain, 60000 per kthread
[ 2244.925210][T26912] netlink: 368 bytes leftover after parsing attributes in process `syz.7.6213'.
[ 2245.798166][T26925] overlayfs: failed to clone upperpath
[ 2246.121983][T26934] netlink: 'syz.7.6219': attribute type 16 has an invalid length.
[ 2246.142479][T26934] netlink: 'syz.7.6219': attribute type 17 has an invalid length.
[ 2246.211882][T26935] netlink: 72 bytes leftover after parsing attributes in process `syz.8.6220'.
[ 2246.924208][T26934] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2246.931497][T26934] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2246.959338][T26934] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 2247.573189][T26948] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6224'.
[ 2248.257883][T26955] netlink: 368 bytes leftover after parsing attributes in process `syz.8.6229'.
[ 2249.372589][T26961] netlink: 'syz.9.6228': attribute type 1 has an invalid length.
[ 2251.265961][T27001] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6241'.
[ 2251.919344][T27008] overlayfs: failed to clone upperpath
[ 2252.730301][T27013] netlink: 368 bytes leftover after parsing attributes in process `syz.8.6246'.
[ 2252.908479][T26988] overlayfs: failed to clone upperpath
[ 2253.067335][T27023] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[ 2253.200361][T27025] sctp: [Deprecated]: syz.6.6250 (pid 27025) Use of int in maxseg socket option.
[ 2253.200361][T27025] Use struct sctp_assoc_value instead
[ 2254.419805][T27043] netlink: 'syz.9.6256': attribute type 8 has an invalid length.
[ 2254.841660][T27058] netlink: 368 bytes leftover after parsing attributes in process `syz.9.6262'.
[ 2255.724573][T27076] overlayfs: failed to clone upperpath
[ 2260.298254][T27117] siw: device registration error -23
[ 2264.097052][T27157] netlink: 28 bytes leftover after parsing attributes in process `syz.9.6294'.
[ 2264.132148][T27157] netlink: 20 bytes leftover after parsing attributes in process `syz.9.6294'.
[ 2265.443801][T27173] overlayfs: failed to clone upperpath
[ 2270.181726][T27258] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6329'.
[ 2270.468845][T27259] netlink: 'syz.8.6327': attribute type 1 has an invalid length.
[ 2271.715685][T27257] overlayfs: failed to clone upperpath
[ 2273.711986][T27313] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6341'.
[ 2275.746872][T27340] overlayfs: failed to clone upperpath
[ 2276.885005][T27351] netlink: 'syz.7.6351': attribute type 1 has an invalid length.
[ 2278.474580][T27368] overlayfs: failed to clone upperpath
[ 2278.947113][T27382] /dev/nullb0: Can't lookup blockdev
[ 2278.962918][T27382] siw: device registration error -23
[ 2279.549180][   T30] audit: type=1800 audit(1766464410.150:305): pid=27380 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.6361" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 2281.490363][T27411] netlink: 'syz.9.6370': attribute type 1 has an invalid length.
[ 2283.678289][T27436] overlayfs: failed to clone upperpath
[ 2287.641176][T27479] netlink: 368 bytes leftover after parsing attributes in process `syz.4.6395'.
[ 2287.776338][   T30] audit: type=1326 audit(1766464418.370:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27484 comm="syz.7.6396" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffa19f8eba9 code=0x0
[ 2287.960045][T27494] netlink: 116 bytes leftover after parsing attributes in process `syz.6.6397'.
[ 2291.227246][T27527] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 2291.236054][T27527] overlayfs: missing 'lowerdir'
[ 2292.167417][T27532] netlink: 368 bytes leftover after parsing attributes in process `syz.8.6414'.
[ 2294.093065][T27573] netlink: 116 bytes leftover after parsing attributes in process `syz.4.6426'.
[ 2294.150903][T27575] netlink: 20 bytes leftover after parsing attributes in process `syz.8.6428'.
[ 2295.105098][T27586] netlink: 368 bytes leftover after parsing attributes in process `syz.7.6432'.
[ 2298.931802][T27625] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[ 2299.759603][T27632] netlink: 368 bytes leftover after parsing attributes in process `syz.8.6446'.
[ 2303.794708][T27669] netlink: 368 bytes leftover after parsing attributes in process `syz.4.6458'.
[ 2306.907480][T27701] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[ 2307.770887][T27713] netlink: 368 bytes leftover after parsing attributes in process `syz.8.6473'.
[ 2310.483285][T27753] netlink: 368 bytes leftover after parsing attributes in process `syz.9.6488'.
[ 2312.384277][T27786] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[ 2314.901889][T27814] netlink: 368 bytes leftover after parsing attributes in process `syz.9.6507'.
[ 2315.491365][T27817] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6508'.
[ 2315.675216][T27823] netlink: 'syz.7.6510': attribute type 10 has an invalid length.
[ 2315.683572][T27823] netlink: 40 bytes leftover after parsing attributes in process `syz.7.6510'.
[ 2315.692878][T27823] team0: entered promiscuous mode
[ 2315.698470][T27823] team_slave_0: entered promiscuous mode
[ 2315.704417][T27823] team_slave_1: entered promiscuous mode
[ 2315.746623][T27823] team0: entered allmulticast mode
[ 2315.757913][T27823] team_slave_0: entered allmulticast mode
[ 2315.764356][T27823] team_slave_1: entered allmulticast mode
[ 2316.036440][T27823] bridge0: port 2(team0) entered blocking state
[ 2316.043022][T27823] bridge0: port 2(team0) entered disabled state
[ 2316.066870][T27823] bridge0: port 2(team0) entered blocking state
[ 2316.073335][T27823] bridge0: port 2(team0) entered forwarding state
[ 2316.165647][T27833] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6511'.
[ 2318.169870][T27863] netlink: 368 bytes leftover after parsing attributes in process `syz.9.6522'.
[ 2321.118118][T27910] netlink: 368 bytes leftover after parsing attributes in process `syz.6.6538'.
[ 2324.884785][T27954] syz_tun: entered allmulticast mode
[ 2324.906321][T27953] syz_tun: left allmulticast mode
[ 2325.860798][T27958] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2326.173134][T27958] batman_adv: batadv0: Interface activated: dummy0
[ 2326.183255][T27958] batadv0: mtu less than device minimum
[ 2326.194999][T27958] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 2326.207106][T27958] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 2326.219148][T27958] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 2326.231176][T27958] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 2326.243194][T27958] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 2326.255188][T27958] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 2326.267202][T27958] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 2326.279103][T27958] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 2326.291126][T27958] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 2326.410648][T14666] ip6gretap0 speed is unknown, defaulting to 1000
[ 2326.417302][T14666] syz2: Port: 1 Link ACTIVE
[ 2326.424861][T14666] ip6gretap0 speed is unknown, defaulting to 1000
[ 2327.825085][T27990] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6562'.
[ 2330.371778][T28014] netlink: 'syz.6.6571': attribute type 5 has an invalid length.
[ 2331.681432][T28032] syz2: rxe_newlink: already configured on ip6gretap0
[ 2334.608423][T14666] IPVS: starting estimator thread 0...
[ 2334.920230][T28058] IPVS: using max 28 ests per chain, 67200 per kthread
[ 2334.979509][T28065] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6586'.
[ 2339.363967][T28102] syz2: rxe_newlink: already configured on ip6gretap0
[ 2343.001166][T28124] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6599'.
[ 2343.348173][T28129] syz_tun: entered allmulticast mode
[ 2347.095594][T28163] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[ 2354.805553][T28223] netlink: 52 bytes leftover after parsing attributes in process `syz.8.6627'.
[ 2357.085809][ T5947] IPVS: starting estimator thread 0...
[ 2357.197344][T28253] IPVS: using max 40 ests per chain, 96000 per kthread
[ 2357.597119][T28260] netlink: 52 bytes leftover after parsing attributes in process `syz.8.6639'.
[ 2358.840649][T28279] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[ 2358.954111][T28280] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6643'.
[ 2360.065142][T28292] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6648'.
[ 2365.265635][T28337] lo speed is unknown, defaulting to 1000
[ 2365.274307][T28337] ip6gretap0 speed is unknown, defaulting to 1000
[ 2370.111829][T28364] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6667'.
[ 2372.406603][T28385] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6673'.
[ 2373.239043][T28390] netlink: 56 bytes leftover after parsing attributes in process `syz.6.6674'.
[ 2376.575707][T28424] autofs: Bad value for 'fd'
[ 2376.752452][T28426] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6681'.
[ 2377.676082][T28426] bond0: (slave bond_slave_1): Releasing backup interface
[ 2378.071169][T28447] netlink: 56 bytes leftover after parsing attributes in process `syz.8.6686'.
[ 2380.236035][T28473] debugfs: '!' already exists in 'ieee80211'
[ 2381.140217][T28490] netlink: 368 bytes leftover after parsing attributes in process `syz.6.6701'.
[ 2382.188799][T28500] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6702'.
[ 2383.172904][T28510] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[ 2386.117009][T28531] fuse: Bad value for 'fd'
[ 2386.537674][T28545] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6716'.
[ 2389.738247][T28577] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[ 2390.528912][T28587] netlink: 76 bytes leftover after parsing attributes in process `syz.8.6729'.
[ 2391.433950][T28598] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6730'.
[ 2396.111502][T28646] syz2: rxe_newlink: already configured on ip6gretap0
[ 2396.615021][T28647] netlink: 76 bytes leftover after parsing attributes in process `syz.6.6744'.
[ 2396.977924][T28653] overlayfs: failed to clone upperpath
[ 2401.510192][T28698] netlink: 76 bytes leftover after parsing attributes in process `syz.9.6758'.
[ 2405.447541][T28739] overlayfs: failed to clone upperpath
[ 2407.915495][T28747] netlink: 56 bytes leftover after parsing attributes in process `syz.9.6774'.
[ 2408.498411][T28762] fuse: Bad value for 'fd'
[ 2408.786317][T28767] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6777'.
[ 2409.375630][T28762] nfs: Unknown parameter '/dev/ubi_ctrl'
[ 2410.939631][T28784] overlayfs: failed to clone upperpath
[ 2418.347425][T28834] overlayfs: failed to clone upperpath
[ 2418.652969][T28851] netlink: 112 bytes leftover after parsing attributes in process `syz.7.6802'.
[ 2418.701198][T28851] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6802'.
[ 2419.196125][T28861] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[ 2420.631011][T28868] netlink: 'syz.9.6807': attribute type 10 has an invalid length.
[ 2420.656946][T28868] netlink: 40 bytes leftover after parsing attributes in process `syz.9.6807'.
[ 2422.931234][T28890] netlink: 32 bytes leftover after parsing attributes in process `syz.7.6814'.
[ 2423.028016][T28892] netlink: 144 bytes leftover after parsing attributes in process `syz.8.6815'.
[ 2424.065528][T28898] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6816'.
[ 2425.305396][T28913] overlayfs: failed to clone upperpath
[ 2427.845200][T28939] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6828'.
[ 2427.943188][T28944] netlink: 'syz.4.6830': attribute type 10 has an invalid length.
[ 2428.045347][T28944] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6830'.
[ 2428.154337][T28947] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6829'.
[ 2429.598135][T28962] __vm_enough_memory: pid: 28962, comm: syz.4.6837, bytes: 21199661326336 not enough memory for the allocation
[ 2431.215718][T28966] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6839'.
[ 2432.067053][T28989] netlink: 20 bytes leftover after parsing attributes in process `syz.9.6845'.
[ 2432.376032][T28994] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6844'.
[ 2433.120736][T28997] netlink: 'syz.6.6847': attribute type 10 has an invalid length.
[ 2433.145413][T28997] netlink: 40 bytes leftover after parsing attributes in process `syz.6.6847'.
[ 2433.202518][T28997] /dev/nullb0: Can't lookup blockdev
[ 2433.253216][T29001] overlayfs: failed to clone upperpath
[ 2439.195770][T29073] netlink: 116 bytes leftover after parsing attributes in process `syz.4.6872'.
[ 2440.326182][T29098] netlink: 56 bytes leftover after parsing attributes in process `syz.6.6879'.
[ 2440.398880][T29103] fuse: Bad value for 'fd'
[ 2440.420816][T29103] nfs: Unknown parameter '/dev/ubi_ctrl'
[ 2442.732491][T29138] netlink: 116 bytes leftover after parsing attributes in process `syz.7.6893'.
[ 2442.955802][T29140] netlink: 56 bytes leftover after parsing attributes in process `syz.8.6894'.
[ 2443.445950][T29147] net_ratelimit: 11 callbacks suppressed
[ 2443.445971][T29147] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[ 2460.646773][T22319] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 2460.675474][T22319] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 2460.718228][T29175] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 2460.726557][T29175] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 2460.734786][T29175] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 2460.755524][T29175] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 2460.763312][T29175] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 2460.775708][T29175] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 2460.787271][T29175] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 2460.803180][T29175] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 2460.886835][T29178] netlink: 56 bytes leftover after parsing attributes in process `syz.7.6906'.
[ 2461.043335][T29171] lo speed is unknown, defaulting to 1000
[ 2461.405892][T29175] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2461.422923][T29175] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2461.454920][T29175] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2461.463641][T29175] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2461.483932][T29171] ip6gretap0 speed is unknown, defaulting to 1000
[ 2461.484019][T29168] lo speed is unknown, defaulting to 1000
[ 2461.628118][T29175] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2461.853364][T17897] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2461.956956][T29168] ip6gretap0 speed is unknown, defaulting to 1000
[ 2462.142107][T29189] netlink: 'syz.7.6909': attribute type 10 has an invalid length.
[ 2462.151389][T29189] netlink: 40 bytes leftover after parsing attributes in process `syz.7.6909'.
[ 2462.297432][T17897] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2462.905781][T29175] Bluetooth: hci7: command tx timeout
[ 2462.905799][T22319] Bluetooth: hci6: command tx timeout
[ 2463.003506][T29183] lo speed is unknown, defaulting to 1000
[ 2463.865425][T22319] Bluetooth: hci1: command tx timeout
[ 2568.945104][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 2568.952360][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P56/1:b..l P29168/1:b..l
[ 2568.962122][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=170937, q=57 ncpus=2)
[ 2568.969869][    C0] task:syz-executor    state:R  running task     stack:25896 pid:29168 tgid:29168 ppid:29155  task_flags:0x400140 flags:0x00004002
[ 2568.985371][    C0] Call Trace:
[ 2568.988699][    C0]  <TASK>
[ 2568.991765][    C0]  __schedule+0x1798/0x4cc0
[ 2568.996344][    C0]  ? __pfx___schedule+0x10/0x10
[ 2569.001258][    C0]  ? preempt_schedule_irq+0xaa/0x150
[ 2569.006591][    C0]  preempt_schedule_irq+0xb5/0x150
[ 2569.011837][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 2569.018506][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[ 2569.024728][    C0]  irqentry_exit+0x6f/0x90
[ 2569.029290][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2569.035364][    C0] RIP: 0010:lock_acquire+0x175/0x360
[ 2569.040811][    C0] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 5b 7d 26 11 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[ 2569.061608][    C0] RSP: 0018:ffffc90003b2ee58 EFLAGS: 00000206
[ 2569.067723][    C0] RAX: 46fafe4b47756600 RBX: 0000000000000000 RCX: 46fafe4b47756600
[ 2569.075724][    C0] RDX: 0000000000000000 RSI: ffffffff8ddb2001 RDI: ffffffff8c037e00
[ 2569.083722][    C0] RBP: ffffffff8173bd25 R08: 0000000000000000 R09: ffffffff8173bd25
[ 2569.091720][    C0] R10: ffffc90003b2f018 R11: ffffffff81ac4710 R12: 0000000000000002
[ 2569.100171][    C0] R13: ffffffff8e33d660 R14: 0000000000000000 R15: 0000000000000246
[ 2569.108565][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 2569.113727][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2569.120110][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 2569.125466][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 2569.131004][    C0]  ? create_new_namespaces+0x3f3/0x720
[ 2569.136599][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 2569.141839][    C0]  unwind_next_frame+0xc2/0x2390
[ 2569.147448][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 2569.152829][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 2569.158341][    C0]  ? copy_net_ns+0x31b/0x4d0
[ 2569.163075][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2569.169445][    C0]  arch_stack_walk+0x11c/0x150
[ 2569.174272][    C0]  ? create_new_namespaces+0x3f3/0x720
[ 2569.179894][    C0]  stack_trace_save+0x9c/0xe0
[ 2569.185249][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 2569.191217][    C0]  ? kasan_save_track+0x3e/0x80
[ 2569.196147][    C0]  ? __kasan_kmalloc+0x93/0xb0
[ 2569.200961][    C0]  kasan_save_track+0x3e/0x80
[ 2569.205752][    C0]  ? kasan_save_track+0x3e/0x80
[ 2569.210643][    C0]  ? __kasan_slab_alloc+0x6c/0x80
[ 2569.215954][    C0]  ? kmem_cache_alloc_noprof+0x367/0x6e0
[ 2569.221722][    C0]  ? __kernfs_new_node+0xd7/0x7e0
[ 2569.226790][    C0]  ? kernfs_new_node+0x102/0x210
[ 2569.231790][    C0]  ? __kernfs_create_file+0x4b/0x2e0
[ 2569.237103][    C0]  ? sysfs_add_file_mode_ns+0x238/0x300
[ 2569.242676][    C0]  ? internal_create_group+0x66d/0x1110
[ 2569.248278][    C0]  ? sysfs_create_groups+0x59/0x120
[ 2569.253865][    C0]  ? ib_setup_port_attrs+0x140c/0x2070
[ 2569.259817][    C0]  ? add_one_compat_dev+0x3d6/0x5c0
[ 2569.265224][    C0]  ? rdma_dev_init_net+0x1dd/0x270
[ 2569.270660][    C0]  ? ops_init+0x35c/0x5c0
[ 2569.275229][    C0]  ? setup_net+0xfe/0x320
[ 2569.279693][    C0]  ? copy_net_ns+0x31b/0x4d0
[ 2569.284522][    C0]  ? create_new_namespaces+0x3f3/0x720
[ 2569.291337][    C0]  __kasan_slab_alloc+0x6c/0x80
[ 2569.296934][    C0]  kmem_cache_alloc_noprof+0x367/0x6e0
[ 2569.302826][    C0]  ? __asan_memcpy+0x40/0x70
[ 2569.307530][    C0]  ? __kernfs_new_node+0xd7/0x7e0
[ 2569.312878][    C0]  __kernfs_new_node+0xd7/0x7e0
[ 2569.317868][    C0]  ? __lock_acquire+0xab9/0xd20
[ 2569.323570][    C0]  ? __pfx___kernfs_new_node+0x10/0x10
[ 2569.330770][    C0]  ? kernfs_root+0x1c/0x230
[ 2569.336777][    C0]  ? kernfs_root+0x1c/0x230
[ 2569.341424][    C0]  ? kernfs_root+0x1c/0x230
[ 2569.346250][    C0]  ? kernfs_root+0x1c/0x230
[ 2569.350907][    C0]  kernfs_new_node+0x102/0x210
[ 2569.355823][    C0]  __kernfs_create_file+0x4b/0x2e0
[ 2569.361252][    C0]  sysfs_add_file_mode_ns+0x238/0x300
[ 2569.366705][    C0]  internal_create_group+0x66d/0x1110
[ 2569.372286][    C0]  ? kobject_add+0x155/0x220
[ 2569.377014][    C0]  ? __pfx_internal_create_group+0x10/0x10
[ 2569.383041][    C0]  ? trace_kmalloc+0x1f/0xd0
[ 2569.387688][    C0]  sysfs_create_groups+0x59/0x120
[ 2569.392759][    C0]  ib_setup_port_attrs+0x140c/0x2070
[ 2569.398220][    C0]  ? __pfx_ib_setup_port_attrs+0x10/0x10
[ 2569.403920][    C0]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2569.409965][    C0]  ? device_add+0x70b/0xb50
[ 2569.414783][    C0]  add_one_compat_dev+0x3d6/0x5c0
[ 2569.420197][    C0]  rdma_dev_init_net+0x1dd/0x270
[ 2569.425277][    C0]  ? __pfx_rdma_dev_init_net+0x10/0x10
[ 2569.431068][    C0]  ops_init+0x35c/0x5c0
[ 2569.435728][    C0]  setup_net+0xfe/0x320
[ 2569.440019][    C0]  ? __pfx_setup_net+0x10/0x10
[ 2569.444827][    C0]  ? copy_net_ns+0x304/0x4d0
[ 2569.449785][    C0]  ? down_read_killable+0x1d1/0x350
[ 2569.455374][    C0]  copy_net_ns+0x31b/0x4d0
[ 2569.459869][    C0]  create_new_namespaces+0x3f3/0x720
[ 2569.465224][    C0]  ? security_capable+0x7e/0x2e0
[ 2569.470382][    C0]  unshare_nsproxy_namespaces+0x11c/0x170
[ 2569.476144][    C0]  ksys_unshare+0x4c8/0x8c0
[ 2569.480691][    C0]  ? __pfx_ksys_unshare+0x10/0x10
[ 2569.485748][    C0]  ? dnotify_flush+0x1db/0x5e0
[ 2569.490556][    C0]  ? __pfx_fput_close_sync+0x10/0x10
[ 2569.495879][    C0]  ? do_raw_spin_unlock+0x122/0x240
[ 2569.501126][    C0]  __x64_sys_unshare+0x38/0x50
[ 2569.506908][    C0]  do_syscall_64+0xfa/0xfa0
[ 2569.511558][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2569.517427][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2569.524932][    C0]  ? clear_bhb_loop+0x60/0xb0
[ 2569.530136][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2569.536162][    C0] RIP: 0033:0x7f77a15903a7
[ 2569.540702][    C0] RSP: 002b:00007ffd70947988 EFLAGS: 00000202 ORIG_RAX: 0000000000000110
[ 2569.549674][    C0] RAX: ffffffffffffffda RBX: 00007f77a17d5f40 RCX: 00007f77a15903a7
[ 2569.558054][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[ 2569.566319][    C0] RBP: 00007f77a17d67b8 R08: 0000000000000000 R09: 0000000000000000
[ 2569.574573][    C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[ 2569.582769][    C0] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[ 2569.591715][    C0]  </TASK>
[ 2569.595077][    C0] task:kworker/1:1H    state:R  running task     stack:25304 pid:56    tgid:56    ppid:2      task_flags:0x4208060 flags:0x00004000
[ 2569.609326][    C0] Workqueue: kblockd blk_mq_requeue_work
[ 2569.615223][    C0] Call Trace:
[ 2569.618970][    C0]  <TASK>
[ 2569.621937][    C0]  __schedule+0x1798/0x4cc0
[ 2569.626519][    C0]  ? __pfx___schedule+0x10/0x10
[ 2569.631410][    C0]  ? irqentry_exit+0x74/0x90
[ 2569.636057][    C0]  ? preempt_schedule_irq+0xaa/0x150
[ 2569.641388][    C0]  preempt_schedule_irq+0xb5/0x150
[ 2569.646543][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 2569.652328][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[ 2569.658181][    C0]  irqentry_exit+0x6f/0x90
[ 2569.662661][    C0]  asm_sysvec_reschedule_ipi+0x1a/0x20
[ 2569.668150][    C0] RIP: 0010:scsi_queue_rq+0x11d7/0x2cc0
[ 2569.673744][    C0] Code: 00 74 08 4c 89 e7 e8 18 8b fa fb 4c 8b ad 60 02 00 00 48 89 5c 24 30 48 89 df 48 8b 34 24 e8 f0 70 ff ff 48 8d bd d8 01 00 00 <48> 89 f8 48 c1 e8 03 4c 89 f3 42 0f b6 04 30 84 c0 0f 85 72 14 00
[ 2569.693644][    C0] RSP: 0018:ffffc9000131f410 EFLAGS: 00000286
[ 2569.699747][    C0] RAX: fa01a11ad4fa5400 RBX: ffff8880260c6000 RCX: 0000000000000001
[ 2569.707750][    C0] RDX: ffffffff9a03fe80 RSI: ffffffff8c2f1a80 RDI: ffff8880261b09d8
[ 2569.715757][    C0] RBP: ffff8880261b0800 R08: 0000000000000000 R09: 0000000000000000
[ 2569.723757][    C0] R10: dffffc0000000000 R11: fffffbfff1f88787 R12: ffff8880261b0a60
[ 2569.731763][    C0] R13: 0000000000000003 R14: dffffc0000000000 R15: 1ffff11004c3614c
[ 2569.739901][    C0]  blk_mq_dispatch_rq_list+0x4c0/0x1900
[ 2569.745689][    C0]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[ 2569.751707][    C0]  ? do_raw_spin_unlock+0x122/0x240
[ 2569.756951][    C0]  __blk_mq_sched_dispatch_requests+0x350/0x1570
[ 2569.763337][    C0]  ? __lock_acquire+0xab9/0xd20
[ 2569.768244][    C0]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[ 2569.775609][    C0]  ? blk_mq_run_hw_queue+0x239/0x4f0
[ 2569.780969][    C0]  blk_mq_sched_dispatch_requests+0xd7/0x190
[ 2569.787282][    C0]  ? blk_mq_run_hw_queue+0x239/0x4f0
[ 2569.792750][    C0]  blk_mq_run_hw_queue+0x404/0x4f0
[ 2569.798021][    C0]  ? blk_mq_run_hw_queues+0x332/0x430
[ 2569.803668][    C0]  blk_mq_run_hw_queues+0x33e/0x430
[ 2569.809018][    C0]  ? __pfx_blk_mq_run_hw_queues+0x10/0x10
[ 2569.815051][    C0]  ? preempt_schedule_thunk+0x16/0x30
[ 2569.820631][    C0]  blk_mq_requeue_work+0x717/0x760
[ 2569.825813][    C0]  ? __pfx_blk_mq_requeue_work+0x10/0x10
[ 2569.831512][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2569.836756][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 2569.842521][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 2569.848330][    C0]  process_scheduled_works+0xae1/0x17b0
[ 2569.853960][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2569.860697][    C0]  worker_thread+0x8a0/0xda0
[ 2569.865330][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2569.872087][    C0]  ? __kthread_parkme+0x7b/0x200
[ 2569.877251][    C0]  kthread+0x711/0x8a0
[ 2569.881351][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 2569.886501][    C0]  ? __pfx_kthread+0x10/0x10
[ 2569.891209][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2569.896438][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2569.901826][    C0]  ? __pfx_kthread+0x10/0x10
[ 2569.906441][    C0]  ret_from_fork+0x4bc/0x870
[ 2569.911080][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 2569.916452][    C0]  ? __switch_to_asm+0x39/0x70
[ 2569.921993][    C0]  ? __switch_to_asm+0x33/0x70
[ 2569.926799][    C0]  ? __pfx_kthread+0x10/0x10
[ 2569.931411][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2569.936226][    C0]  </TASK>
[ 2569.939370][    C0] rcu: rcu_preempt kthread starved for 10374 jiffies! g170937 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 2569.950685][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 2569.960704][    C0] rcu: RCU grace-period kthread stack dump:
[ 2569.966625][    C0] task:rcu_preempt     state:R  running task     stack:26464 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[ 2569.980256][    C0] Call Trace:
[ 2569.983661][    C0]  <TASK>
[ 2569.986634][    C0]  __schedule+0x1798/0x4cc0
[ 2569.991209][    C0]  ? __pfx___schedule+0x10/0x10
[ 2569.996123][    C0]  ? schedule+0x91/0x360
[ 2570.000413][    C0]  schedule+0x165/0x360
[ 2570.004626][    C0]  schedule_timeout+0x12b/0x270
[ 2570.009619][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 2570.015141][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 2570.021185][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 2570.026519][    C0]  ? prepare_to_swait_event+0x341/0x380
[ 2570.032108][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[ 2570.037029][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[ 2570.043839][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 2570.049451][    C0]  ? _raw_spin_unlock_irq+0x45/0x50
[ 2570.054794][    C0]  ? finish_swait+0xcd/0x1f0
[ 2570.059449][    C0]  rcu_gp_kthread+0x99/0x390
[ 2570.064089][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 2570.069331][    C0]  ? __kthread_parkme+0x7b/0x200
[ 2570.074392][    C0]  ? __kthread_parkme+0x1a1/0x200
[ 2570.079464][    C0]  kthread+0x711/0x8a0
[ 2570.083577][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 2570.088819][    C0]  ? __pfx_kthread+0x10/0x10
[ 2570.093449][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2570.098691][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2570.103941][    C0]  ? __pfx_kthread+0x10/0x10
[ 2570.108576][    C0]  ret_from_fork+0x4bc/0x870
[ 2570.113233][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 2570.118623][    C0]  ? __switch_to_asm+0x39/0x70
[ 2570.123634][    C0]  ? __switch_to_asm+0x33/0x70
[ 2570.128712][    C0]  ? __pfx_kthread+0x10/0x10
[ 2570.133435][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2570.138261][    C0]  </TASK>
[ 2570.141309][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 2570.147663][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
[ 2570.156630][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2570.166721][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[ 2570.172500][    C0] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 03 7c 24 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[ 2570.192156][    C0] RSP: 0018:ffffffff8e007d80 EFLAGS: 000002c2
[ 2570.198274][    C0] RAX: 3b7b07e0535e4d00 RBX: ffffffff819697b8 RCX: 3b7b07e0535e4d00
[ 2570.206277][    C0] RDX: 0000000000000001 RSI: ffffffff8dbc0cb8 RDI: ffffffff8c037e00
[ 2570.214274][    C0] RBP: ffffffff8e007ea8 R08: ffff8880b8632fdb R09: 1ffff110170c65fb
[ 2570.222297][    C0] R10: dffffc0000000000 R11: ffffed10170c65fc R12: ffffffff8fc43c30
[ 2570.230652][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1c12a38
[ 2570.238698][    C0] FS:  0000000000000000(0000) GS:ffff8881259e1000(0000) knlGS:0000000000000000
[ 2570.247696][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2570.254314][    C0] CR2: 00007f6876a152e6 CR3: 000000002f670000 CR4: 00000000003526f0
[ 2570.262407][    C0] Call Trace:
[ 2570.265722][    C0]  <TASK>
[ 2570.268968][    C0]  default_idle+0x13/0x20
[ 2570.273516][    C0]  default_idle_call+0x74/0xb0
[ 2570.278934][    C0]  do_idle+0x1e8/0x510
[ 2570.283530][    C0]  ? __pfx_do_idle+0x10/0x10
[ 2570.289607][    C0]  cpu_startup_entry+0x44/0x60
[ 2570.294468][    C0]  rest_init+0x2de/0x300
[ 2570.298757][    C0]  start_kernel+0x3ae/0x410
[ 2570.303411][    C0]  x86_64_start_reservations+0x24/0x30
[ 2570.308954][    C0]  x86_64_start_kernel+0x143/0x1c0
[ 2570.314103][    C0]  common_startup_64+0x13e/0x147
[ 2570.319095][    C0]  </TASK>
[ 2570.543593][T22319] Bluetooth: hci6: command tx timeout
[ 2570.550479][T22319] Bluetooth: hci7: command tx timeout
[ 2570.556002][T22319] Bluetooth: hci1: command tx timeout
[ 2571.129662][T17897] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2571.955156][T29183] ip6gretap0 speed is unknown, defaulting to 1000
SYZFAIL: failed to send rpc
fd=3 want=1648 sent=0 n=-1 (errno 32: Broken pipe)
[ 2572.203598][T29199] syz-executor: vmalloc error: size 4194304, failed to allocated page array size 8192, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 2572.290360][T29199] CPU: 1 UID: 0 PID: 29199 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[ 2572.290392][T29199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2572.290406][T29199] Call Trace:
[ 2572.290415][T29199]  <TASK>
[ 2572.290424][T29199]  dump_stack_lvl+0x189/0x250
[ 2572.290460][T29199]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2572.290486][T29199]  ? __pfx__printk+0x10/0x10
[ 2572.290516][T29199]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 2572.290539][T29199]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 2572.290566][T29199]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 2572.290592][T29199]  warn_alloc+0x214/0x310
[ 2572.290621][T29199]  ? __pfx_warn_alloc+0x10/0x10
[ 2572.290653][T29199]  ? __get_vm_area_node+0x28f/0x300
[ 2572.290684][T29199]  ? kcov_ioctl+0x55/0x640
[ 2572.290715][T29199]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 2572.290781][T29199]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 2572.290824][T29199]  ? __pfx_kcov_ioctl+0x10/0x10
[ 2572.290851][T29199]  vmalloc_user_noprof+0xad/0xf0
[ 2572.290883][T29199]  ? kcov_ioctl+0x55/0x640
[ 2572.290911][T29199]  kcov_ioctl+0x55/0x640
[ 2572.290940][T29199]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 2572.290966][T29199]  ? __pfx_kcov_ioctl+0x10/0x10
[ 2572.291000][T29199]  __se_sys_ioctl+0xfc/0x170
[ 2572.291033][T29199]  do_syscall_64+0xfa/0xfa0
[ 2572.291064][T29199]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2572.291095][T29199]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2572.291116][T29199]  ? clear_bhb_loop+0x60/0xb0
[ 2572.291142][T29199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2572.291162][T29199] RIP: 0033:0x7f50f078e7ab
[ 2572.291182][T29199] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[ 2572.291199][T29199] RSP: 002b:00007ffebbff7530 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2572.291222][T29199] RAX: ffffffffffffffda RBX: 0000000000080000 RCX: 00007f50f078e7ab
[ 2572.291238][T29199] RDX: 0000000000080000 RSI: ffffffff80086301 RDI: 00000000000000db
[ 2572.291252][T29199] RBP: 00007f50f09d6308 R08: 00000000000000da R09: 0000000000000000
[ 2572.291266][T29199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2572.291278][T29199] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[ 2572.291313][T29199]  </TASK>
[ 2572.291328][T29199] Mem-Info:
[ 2572.585521][T22319] Bluetooth: hci7: command tx timeout
[ 2572.591187][T22319] Bluetooth: hci6: command tx timeout
[ 2572.597322][T29175] Bluetooth: hci1: command tx timeout
[ 2572.707687][T29199] active_anon:3408 inactive_anon:0 isolated_anon:0
[ 2572.707687][T29199]  active_file:21739 inactive_file:40517 isolated_file:0
[ 2572.707687][T29199]  unevictable:768 dirty:4 writeback:0
[ 2572.707687][T29199]  slab_reclaimable:11586 slab_unreclaimable:118117
[ 2572.707687][T29199]  mapped:25772 shmem:1357 pagetables:824
[ 2572.707687][T29199]  sec_pagetables:0 bounce:0
[ 2572.707687][T29199]  kernel_misc_reclaimable:0
[ 2572.707687][T29199]  free:1262766 free_pcp:23420 free_cma:0
[ 2572.795183][T29199] Node 0 active_anon:13632kB inactive_anon:0kB active_file:86956kB inactive_file:161920kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:103088kB dirty:16kB writeback:0kB shmem:3892kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12696kB pagetables:3140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 2572.924100][T29199] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:148kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 2572.958666][T17897] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2573.035159][T29199] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 2573.135131][T29199] lowmem_reserve[]: 0 2496 2498 2498 2498
[ 2573.140973][T29199] Node 0 DMA32 free:1195868kB boost:0kB min:34232kB low:42788kB high:51344kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13632kB inactive_anon:0kB active_file:86956kB inactive_file:161920kB unevictable:1536kB writepending:16kB zspages:0kB present:3129332kB managed:2556884kB mlocked:0kB bounce:0kB free_pcp:75164kB local_pcp:35048kB free_cma:0kB
[ 2573.277595][T29199] lowmem_reserve[]: 0 0 1 1 1
[ 2573.282418][T29199] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 2573.348516][T29199] lowmem_reserve[]: 0 0 0 0 0
[ 2573.374806][T29199] Node 1 Normal free:3891636kB boost:0kB min:55652kB low:69564kB high:83476kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:148kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:17888kB local_pcp:8160kB free_cma:0kB
[ 2573.446260][T29199] lowmem_reserve[]: 0 0 0 0 0
[ 2573.451055][T29199] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 2573.471029][T29199] Node 0 DMA32: 3878*4kB (UM) 2029*8kB (UME) 1081*16kB (UME) 976*32kB (UM) 446*64kB (UME) 443*128kB (UME) 262*256kB (UME) 89*512kB (UME) 23*1024kB (UME) 11*2048kB (UME) 222*4096kB (UM) = 1233552kB
[ 2573.499471][T29199] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 2573.511429][T29199] Node 1 Normal: 211*4kB (UME) 55*8kB (UME) 53*16kB (UE) 139*32kB (UME) 44*64kB (UME) 14*128kB (UM) 6*256kB (UME) 6*512kB (UME) 1*1024kB (M) 2*2048kB (UE) 945*4096kB (M) = 3891636kB
[ 2573.534809][T29199] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 2573.562744][T29199] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 2573.599906][T29199] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 2573.601071][T23031] syz_tun (unregistering): left allmulticast mode
[ 2573.611144][T29199] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 2573.643130][T29199] 63610 total pagecache pages
[ 2573.648838][T29199] 0 pages in swap cache
[ 2573.653109][T29199] Free swap  = 124996kB
[ 2573.664390][T29199] Total swap = 124996kB
[ 2573.671327][T29199] 2097051 pages RAM
[ 2573.683825][T29199] 0 pages HighMem/MovableOnly
[ 2573.689007][T29199] 425868 pages reserved
[ 2573.693330][T29199] 0 pages cma reserved
[ 2574.063340][T17897] bridge0: port 1(team0) entered disabled state
[ 2574.454353][T17897] bond0 (unregistering): (slave bridge0): Releasing backup interface
[ 2574.673387][T29175] Bluetooth: hci1: command tx timeout
[ 2574.680677][T29176] Bluetooth: hci7: command tx timeout
[ 2574.686629][T22319] Bluetooth: hci6: command tx timeout
[ 2574.786510][T17897] bond0 (unregistering): Released all slaves
[ 2574.916651][T17897] tipc: Disabling bearer <eth:team0>
[ 2574.991447][T17897] tipc: Left network mode
[ 2575.762614][T17897] hsr_slave_0: left promiscuous mode
[ 2575.770192][T17897] hsr_slave_1: left promiscuous mode
[ 2575.776907][T17897] batman_adv: batadv0: Interface deactivated: dummy0
[ 2575.783642][T17897] batman_adv: batadv0: Removing interface: dummy0
[ 2575.820784][T17897] veth1_macvtap: left promiscuous mode
[ 2575.827670][T17897] veth0_macvtap: left promiscuous mode
[ 2575.833478][T17897] veth1_vlan: left promiscuous mode
[ 2576.221568][T17897] vlan0 (unregistering): left allmulticast mode
[ 2576.228874][T17897] veth0_vlan (unregistering): left allmulticast mode
[ 2576.237569][T17897] team0 (unregistering): Port device vlan0 removed
[ 2577.960091][T17897] IPVS: stop unused estimator thread 0...
[ 2578.064810][T17897] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2578.170999][T17897] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2578.237572][T17897] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2578.308361][T17897] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2578.449154][T17897] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2578.534135][T17897] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2578.615449][T17897] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2578.707619][T17897] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0