last executing test programs:

14.61977517s ago: executing program 0 (id=652):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000040)=@framed, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f0000000140)={0xa3, &(0x7f0000000080)=""/163})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = syz_io_uring_setup(0x22e, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000440)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000009c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, 0x0})
io_uring_enter(r5, 0x7a98, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431)
r8 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r8, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x2, 0xa, 0x0, 0x2, 0x2}, 0x10}}, 0x0)

13.667472049s ago: executing program 0 (id=655):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$inet6(0xa, 0x40000080806, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000840)={'#! ', './file0', [{}, {0x20, 'cgroup.controllers\x00'}]}, 0x20)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0xc00)
ioctl$SNDRV_PCM_IOCTL_FORWARD(0xffffffffffffffff, 0x40084149, &(0x7f00000000c0)=0xbc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6802000000050104000000000000000000000000540201000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000170cd769fb72887e87d85ffa0700a8c7636e950a2a83dbdd1a0000000000000013f6321d3ac4d2e71527562bfa9aab000b42729c1910dfe20ee7557ea577902600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004a25ada69300"/621], 0x268}}, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x73, 0x0, @private, @multicast1}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
r3 = syz_io_uring_setup(0xf02, &(0x7f0000000300), &(0x7f00000001c0)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0xffffffffffffffff], 0x1, 0x0, 0x0, {0x0, r6}})
io_uring_enter(r3, 0x47fa, 0x0, 0x0, 0x0, 0x0)

13.41542489s ago: executing program 0 (id=658):
epoll_create1(0x80000)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x5, 0x22e, [], 0x0, 0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000070696d7225673100000000000000000076657468315f746f5f6272696467650065727370616e300000000000000000006d616373656330000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000006e0000006e0000009e0100005345434d41524b000000000000000000000000000000000000000000000000000801000000000000000000000000000073797374656d5f753a6f626a6563745f723a6465766963655f743a733000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002d427edcff11417414f2b105e2030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000e6789c45904b3abcbbfa486b90c79bebe86857658d086bf39a240b5948a1f938685028756a04de9d8484f47208a8c81b0bd72e8f57ccb51c4c6803e4d27bbbfab7b0d81297d52bc988410e736e5b62a74e684a82341b3e7660690f2a44ecb334353f8f4ac650"]}, 0x313)
r4 = socket$packet(0x11, 0x3, 0x300)
dup(r4)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r5, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000080))
r7 = dup(r6)
ioctl$VHOST_NET_SET_BACKEND(r5, 0x4008af30, &(0x7f0000000000)={0x1, r7})
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f00000001c0)=0x304008000)
sendmsg$NFT_BATCH(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400000010000000400a0000000a14000c001100010000000000c0ff0000000000016431159ded00000000000000"], 0x28}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r8=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=@bridge_dellink={0x64, 0x13, 0x5, 0x0, 0x0, {0x7, 0x0, 0x0, r8}, [@IFLA_AF_SPEC={0x44, 0x1a, 0x0, 0x1, [@AF_INET={0x18, 0x4, 0x0, 0x1, {0x14, 0x2, 0x0, 0x1, [{0x8}, {0x8, 0x4}]}}, @AF_BRIDGE={0x4}, @AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @empty}, @IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0x80}]}, @AF_MPLS={0x4}]}]}, 0x64}}, 0x0)
r9 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)={{0x12, 0x1, 0x0, 0xd3, 0x75, 0x8, 0x20, 0xac8, 0x321, 0x6fbe, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x8e, 0xfe, 0x89}}]}}]}}, 0x0)
syz_usb_control_io(r9, 0x0, &(0x7f00000006c0)={0x84, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r9, 0x0, 0x0)

12.051895701s ago: executing program 4 (id=661):
openat$dlm_plock(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
socketpair$unix(0x1, 0x4000000000002, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)={0x44, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5, 0xc, 0x1}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_TX={0x5}, @ETHTOOL_A_COALESCE_TX_USECS_LOW={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x2400c000}, 0x0)
connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r6, 0x800448d4, &(0x7f0000000080)={0x0, 0x0, "00fa00"})
r7 = accept(r3, 0x0, 0x0)
sendto$inet6(r7, &(0x7f0000000000), 0xffffffffffffffe6, 0x0, 0x0, 0x18fae6fad8906d26)
recvmmsg(r2, &(0x7f0000000700)=[{{&(0x7f0000000000)=@x25={0x9, @remote}, 0x80, &(0x7f0000000800)=[{&(0x7f0000000080)=""/54}, {&(0x7f0000000780)=""/111}], 0x0, &(0x7f0000000280)=""/173, 0xbb}}, {{&(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev}}}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000840)=""/150, 0xfffffd8c}, {&(0x7f0000000400)=""/119, 0x77}, {&(0x7f0000000480)=""/148, 0x94}, {&(0x7f0000000540)=""/59, 0x3b}, {&(0x7f0000000580)=""/42, 0x2a}, {&(0x7f00000005c0)=""/61, 0x3d}], 0x6, &(0x7f0000000680)=""/127, 0x7f}}], 0x2, 0x0, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000c40)=ANY=[@ANYBLOB="580000001000010400000000000000e9fe2831b2", @ANYRES32=0x0, @ANYBLOB="00000000da44000024001a8020000a8014000700fe8000000000000000020040000000000500080002000000140003007866726d30"], 0x58}}, 0x0)
getpeername(r2, &(0x7f0000000340)=@qipcrtr, 0x0)
sigaltstack(&(0x7f0000000000)={0xffffffffffffffff}, 0x0)
sigaltstack(0x0, &(0x7f0000000040)={0x0})

10.871508918s ago: executing program 1 (id=662):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
socket$kcm(0x10, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
prlimit64(0x0, 0x9, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = socket$rds(0x15, 0x5, 0x0)
r5 = syz_io_uring_setup(0x7b, &(0x7f0000000500)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3b}})
io_uring_enter(r5, 0x46f6, 0x0, 0x0, 0x0, 0x0)
r8 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
ioctl$UFFDIO_COPY(r8, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x3000})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000580))
io_setup(0x7f, &(0x7f0000000240)=<r9=>0x0)
r10 = syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00')
io_submit(r9, 0x1, &(0x7f0000000200)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r10, 0x0}])
ioctl$RTC_ALM_READ(r10, 0x80247008, &(0x7f0000000040))

10.439564043s ago: executing program 3 (id=664):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280), 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020701200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x0, 0x0, 0x1000}, 0x48)
timer_create(0x2, 0x0, &(0x7f00000001c0))
timer_gettime(0x0, &(0x7f0000000440))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9}, 0x48)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x1, &(0x7f0000000040), 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f00000000c0)={0x20000000000003d9, &(0x7f0000000300)=[{0x6, 0x0, 0x0, 0x7654}]}, 0x10)
r6 = syz_io_uring_setup(0xace, &(0x7f0000000480)={0x0, 0x8ef4, 0x10, 0x0, 0x24e}, &(0x7f0000000080)=<r7=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r6, 0x15ac, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r6, 0x60db, 0x8842, 0x0, 0x0, 0x59)

10.393538087s ago: executing program 4 (id=665):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000100)={0x18, 0x56, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\x00\x00\x00'}]}, 0x18}], 0x1}, 0x0)
pwrite64(r0, &(0x7f00000008c0)="10", 0x1, 0x8000c61)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000010000000000000000000000711216000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb}, 0x80)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580), 0x100}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@cgroup=r4, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)

8.781897439s ago: executing program 2 (id=666):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000040)=@framed, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f0000000140)={0xa3, &(0x7f0000000080)=""/163})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = syz_io_uring_setup(0x22e, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000440)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000009c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, 0x0})
io_uring_enter(r5, 0x7a98, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431)
r8 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r8, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x2, 0xa, 0x0, 0x2, 0x2}, 0x10}}, 0x0)

7.634335854s ago: executing program 1 (id=667):
openat$sequencer(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
ioctl$sock_ax25_SIOCDELRT(r3, 0x890c, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000004}, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)

7.631442834s ago: executing program 3 (id=668):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$inet6(0xa, 0x40000080806, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000840)={'#! ', './file0', [{}, {0x20, 'cgroup.controllers\x00'}]}, 0x20)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0xc00)
ioctl$SNDRV_PCM_IOCTL_FORWARD(0xffffffffffffffff, 0x40084149, &(0x7f00000000c0)=0xbc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6802000000050104000000000000000000000000540201000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000170cd769fb72887e87d85ffa0700a8c7636e950a2a83dbdd1a0000000000000013f6321d3ac4d2e71527562bfa9aab000b42729c1910dfe20ee7557ea577902600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004a25ada69300"/621], 0x268}}, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x73, 0x0, @private, @multicast1}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
r5 = syz_io_uring_setup(0xf02, &(0x7f0000000300), &(0x7f00000001c0)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0xffffffffffffffff], 0x1, 0x0, 0x0, {0x0, r8}})
io_uring_enter(r5, 0x47fa, 0x0, 0x0, 0x0, 0x0)

7.609515296s ago: executing program 4 (id=669):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x8000000}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x18, 0x0, @wg=@data}}}}}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x20)
syz_open_dev$tty1(0xc, 0x4, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB], 0x28}}, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r1, &(0x7f00000004c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000800)={0xa8, 0x0, 0x300, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x7, 0xe}}}}, [@NL80211_ATTR_REKEY_DATA={0x4}, @NL80211_ATTR_REKEY_DATA={0x4}, @NL80211_ATTR_REKEY_DATA={0x28, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="18add6734af67323c9e4a0c17921a08a"}, @NL80211_REKEY_DATA_AKM={0x8}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x80}]}, @NL80211_ATTR_REKEY_DATA={0x50, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="89e205ccd056299b9d2eac4e83738ebe"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="291da20ab3631edd5dcc7bac8efa98339c4cadabf1c3be74"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x5}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="3c942499f804f1eb80ece3d10a6bf2dd"}]}]}, 0xa8}}, 0x0)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
syz_emit_ethernet(0x46, 0x0, 0x0)
syz_extract_tcp_res$synack(0x0, 0x1, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000240)=[{0x48, 0x0, 0x0, 0xfff00002}, {0x6}]}, 0x10)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x14, 0x0, 0x4}, 0x14}}, 0x0)

6.892736494s ago: executing program 2 (id=670):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000840)={'#! ', './file0', [{}, {0x20, 'cgroup.controllers\x00'}]}, 0x20)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6802000000050104000000000000000000000000540201000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000170cd769fb72887e87d85ffa0700a8c7636e950a2a83dbdd1a0000000000000013f6321d3ac4d2e71527562bfa9aab000b42729c1910dfe20ee7557ea577902600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004a25ada69300"/621], 0x268}}, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x73, 0x0, @private, @multicast1}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
r5 = syz_io_uring_setup(0xf02, &(0x7f0000000300), &(0x7f00000001c0)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0xffffffffffffffff], 0x1, 0x0, 0x0, {0x0, r8}})
io_uring_enter(r5, 0x47fa, 0x0, 0x0, 0x0, 0x0)

6.876124906s ago: executing program 1 (id=671):
syz_emit_ethernet(0x0, 0x0, 0x0)

6.874591136s ago: executing program 3 (id=672):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0xc, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000001500)=[{{&(0x7f0000000080)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, &(0x7f0000001440)=[{&(0x7f00000000c0)="a6c6c34238f4595563a175ec970bf439024f8ec2dd49af842ad6830044218ebde605b5112fb292cf5d480002739aed74e8bacf37c73b5cdff62e63d3205c2d63c2ae686256cacda6fccf602641752997b84b75cdfd8d156c5fa9fa3f9338f13e0bb9af65d1e645a7f7553972ac", 0x6d}], 0x1}}], 0x1, 0x0)
recvmmsg(r5, &(0x7f0000001200)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000300)=""/108, 0x6c}, {0x0, 0x2}], 0x2}}], 0x1, 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_DELETE(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)={0x14, 0x2, 0x2, 0x201}, 0x14}}, 0x0)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(r6, 0x8010500c, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r8, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r9=>0x0}, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r8, 0x84, 0x85, &(0x7f00000001c0)={r9, @in={{0x2, 0x0, @empty}}, 0x27c0}, 0x90)

6.849984258s ago: executing program 0 (id=673):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r1 = socket$inet(0x2, 0x3, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c40)=ANY=[@ANYBLOB="70020000", @ANYRES16=r3, @ANYBLOB="010000000000000000000a0000004400098008000200000000000800010000000000080002000000000008000100000000000800010000000000080002000000000008000200000000000800010000000000580006804b00040067636d286165732900000000000000000000000000000000000000000000000023000000b6e2dc52292c17995c7ef5f620f55f1eeee0de279ab5cd4284ddc477b63344ab709f040008000600f9ffffffb80004800900010073797a30000000001300010062726f6164636173742d6c696e6b"], 0x270}}, 0x0)
getsockopt$ARPT_SO_GET_INFO(r1, 0x0, 0x61, 0xffffffffffffffff, &(0x7f0000003a80)=0x44)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x2004000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, 0xee01}}, {@type={'type', 0x3d, "23faf989"}}, {@creator={'creator', 0x3d, "21ee2dd3"}}, {@codepage={'codepage', 0x3d, 'cp874'}}, {@dir_umask={'dir_umask', 0x3d, 0x7ff}}]}, 0x3, 0x286, &(0x7f0000000200)="$eJzs3c9qE1EUx/HfnaRtakud/pGCy2rBldi6ETeK9CFciKhNhGKooBXUlbgWcSe4d+dafAE3rsQX0JUrHyC7kXtnkkzi/Gs0uU38fiAhOvfcOaczydwTSCIA/60be9/fX/5pb0aqqSbpqhRIakh1SWe02XhyeHRw1G41iyaquQh7M4ojzR9j9g9bWaE2zkUkQvuvupbT/4fxiKIo+uE7CXjnnv0ZAmkheXa67Y2JZzYeL3wn4JnpqKOnWvGdBwDAr+T6HyTX+eVk/R4E0nZy2Z+p63/HdwKepa7/rsuKjD2+p92mfr/nWji7Peh2iQUz5m6ZV3xmDSwwTVlX6XIJFu8ftFsX9x+2m4Fe6loiNWzD3TfjU7erJNutgmQzlNeeZ8nVMGdr2M3Jf32UPb49fio95ov5am6bUO/U7K3/6pGxh8kdqdAdqbAXEOd/KX9GV2UYj8qpctXt5GyyB336UKHKRnZHou4ZtarBNwjCbp5v5gui1oai4up28qtzUeuZUbslURvDUf2zOT9ydDllDzGvzU2zpV/6qL3U+j+wf+1tVXlm2jFuZHJmFNZTdyPDCokFldJHVXOFW1/pnq5o5fGz5w/uttutR1PxoHYy0pj4g7omsa/uCXMiSp7tB/rreWpa0FhTLXrxWPyXr1PwqH/QtXnLdzLwwa67TNz/pfqV626b7ZNCt06fU9Y6PSqbPDXjTk5vsObuTx2rg1vK7+Cq9lznLkjnC/b4eXDaMMlzRpg9fdMd3v8HAAAAAAAAAAAAAAAAAACYNtU+D7CQjB7t4wSeSwQAAAAAAAAAAAAAAAAAAAAAYOqN//d/U9/qXf77v+5buvn9X2AyfgcAAP//C8h7PA==")
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$packet(0x11, 0x0, 0x300)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x4e4, &(0x7f00000001c0)={@dev, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x4ae, 0x3a, 0x0, @dev, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0x9, "7db4265c9f6aa3b46521199ea778d105c24ab977edb940e63f49a7129f45462e5eecc39f468544e3c13aa9017ccd638e784912ef2c2589d0d45cf0ed4bbe909218459bcbeaf63697ae"}, {0x0, 0x9, "1598a4a8a719ffe0621615f6d04dcae3360546cf06f2665bae2296931fd1d71c1f7e8f222b9ddc4e0bfb5e5c9a484353b785e79b4d8181cf146261723484c54803466e8bedb8ecd2"}, {0x0, 0x2, "d429145c793e823829b4376332b2c98aee"}, {0x0, 0x7e, "130c3818a2eaac43f1a6efc4f7772852ea05bff405aa28758ba53e0f2060e4e027f24bb723a5571d0da2ebeb3fe47f34e606cb3987e3681841f511126b773758e143f6be25d6965fcca35155fec3f970e2067f5db8a5de787eaf96b5957e6b988c02ae9fe26ec3118d9fdcca129d1269b290f687cde5b4eaba737c806335ca0d1e43697d144c6df4dc0d31e84004bc22e87b6e2daab5674479c76a1be360d309e7e7e5fa089032b331a3ceea18d92124681c0b78a0f1665ffcba0bee11950f6b4912bb302b3e648fad7ff4862ccc823e720fdb20af8ab0a6a09dfcdacf69923d60a0efeacf81e1e7e17db9547a4962bdec794c013af7210e54d43f3fe7da2f88c674f4cfd818f6a7461368bf62f1d5f98fd9394eb74bf0559f1c6b1ebec57dba007f143108ca4be3fa330cc21a411b0b7af23ebd9282be17fb702a5ca61650b283eec78e0280e4f2713b42bd4e3615c48c55c1abe5827601038109736f9c6b7242e7c9c917309397b864eedf5ca71db1debb609b6381b54955706017731319e0cc41083f99bd11da748b47d8715080899eb15caf19df36632b73bb22596b8e16186a2e51e277f8c78df609ca44a83914e8f7a8b053210573941b560ff8b114326678c6851c74596300b1c2a1ddc0af5b4cb5f15fa61e42214341368152275070973f3063f35fded9eeb535a0837783921dc2b705e0a0ceacca1882ff23813bc9199a9be39559c9f82a7452ce6113780cd7d26f532b72603afbfe994f5baf7257c9a33b9ac1ecd0b69da263daa9ac7e6a8d4400341926ed1f0c0e9086009c7945c0b255716f5b0dac45a9af480dc1f17beba2a2cddeafed29ecc91ce704895e28d0c46e639591c667a7f34500ea98ef557801dccf733fa61f3cf6740e40418745a42a738440ba9fc2ec415ba0fbf34800e6987b902302d552cf869eb350a9a862cd946f8285b03f03067dc9bae653dc701d97c7e6f7c1f0767624ac9e48b041c51697968b1e1733921270e569ac0b1ac7c25d00936ad05f14d67d3225d6a8cecd9fb63205ab14131e2e742977860e4a38ec056cda185aa357a059d0180056816a7902bdc0951253005099039bd945a6a4e525123cd4fcb8c5b335626464707fc21e92039b9190020eb9ef84c61cddede466a4c3ea2572927153997c33433ce9de0a7d2ed0b5fb0dce9cc6630bd0635a66be0cb490689169618184e896233d49b8f0e0717ae5d557333d54887ed8d983ee01091326af86e76583131104c66753efd58c32e499be23a05249b98e505c4c0237e2e70506fed29a33169d02b74ba5cbefad267e1107f4468e1144ece9656d35b88e405405fbb1438510f0395752c61e57e760de178a58a8da65040946656220817732fa0cd36189027287597cc5ebe709ca9d9a507babd39f1e56a37657326c7ffb654c"}]}}}}}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x10142, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001400), 0x111000, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r8, &(0x7f0000000000)={0xc, 0x8, 0xfa00, {0x0}}, 0x10)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x58, 0x1, 0x2, 0x101, 0x0, 0x0, {0xa}, [@CTA_EXPECT_ZONE={0x6}, @CTA_EXPECT_MASTER={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @private0}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x58}}, 0x0)
sendfile(r8, r8, 0x0, 0x7ffff000)
sendmsg$TIPC_NL_MON_GET(r0, &(0x7f0000001300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000012c0)={&(0x7f0000001440)=ANY=[@ANYBLOB="14000000a6c4464c7cae406855000000000000000d39b7efd0f1ad76d394e4f03377930b5d9f326544b6f020356fd3e1aec15d57d663db23d6740839c50e967dfe749b0afb19f2e1438fdb7731bf485c5b902048e8c5b3478464a59f57659f4c941620e05d48f6b5840fc763ba74f5a5d7c8300ac155145872736e6486bfe696e2ff8db48bfb5fd28f99d4cdffcf8a2962674d08e82d864f84cd2072cb825009b20b5588566e35a15a034443a96f13c72c82ec487996b2159202043439e00ad05dce7dca31829b9dae7a6831976372030092b09dc90ccea5e70f70d4759486", @ANYRES16=r4, @ANYBLOB="100029bd7000fedbdf2512000000"], 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x10)
syz_mount_image$reiserfs(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x10, &(0x7f0000000080), 0xfb, 0x111c, &(0x7f0000000180)="$eJzs2LFqFFEUBuD/zq4mVitjPwhaWEhIWB/AFArb2iqCSEAwVRYExdfwDXwLX0FTaR3SaxGwFK6MkyWJLKhkIwS+D+bOmXPmzJlbzgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB64+RrSW40SbvINUlK0nX7s8MvT3+lRv1y/eOoScmjndn8wd704XxoT5PyOCl9V9+WduvWejttp+1We+/+9u1P89dvXj7b3d3ZuzY8vqTLwdFKd1EWy+h0rqx0BgAAAFxa9dwmeffqbyZdvaD5AAAAwJ+s+n8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL+qk5O4XQTNOClJ1+3PDpN0S/qu/Kf3AwAAAM6vpMmTybJ80pzJ3M3nSUlJrbUO9e+lv2cz75f0AwAAACdefDhzWdeOg9Pf3j/qoM/dyXiorQ+1mxlnY2OIj0/5tp2Mkmz+Nuvg6O3zxVHqKFm7mD0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCTHTggAQAAABD0/3U7AgUAAAAAAAAAAAAAAAAAAAAAAAAAAOCiAAAA//8rTeZL")

6.619595407s ago: executing program 1 (id=674):
munlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ip6gre0\x00'})
r1 = socket(0x1, 0x803, 0x0)
getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x1e, &(0x7f0000000000), 0x20000000)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r3, @ANYBLOB="01e5ff000000000004003b1c210008000300", @ANYRES32=r2, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='net_prio.prioidx\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000240), 0x3af4701e)
sendfile(r6, r4, 0x0, 0x10000a007)
r8 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r8, 0x6, 0x80000000000002, &(0x7f00000005c0)=0x169, 0x4)
bind$inet(r8, &(0x7f0000deb000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r8, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r8, &(0x7f0000000340)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r8, 0x1, 0x12, &(0x7f0000000080)=0x7ff, 0x4)
sendmmsg$inet(r8, &(0x7f00000049c0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000003c0)="9fa6cc9078a4d4a74e98d287c82caac53eda90e60c94d8da181892a7fa8fcbf0a1a98fb726569e8de0fce82b0f4a9b678c48928ed16d705fe347d32b7e8183555a571c77fb079c50623893fbba9aa35076774a21f40912a9036ad47ec13a4a4172bc9438e51f94cd8b75beaf584ce4a0ea9c3a330071483b828200980907e55efc3d526e041937e61b08f80fa719dc7f66871400a2491f35b47dbd3ed988", 0x9e}, {&(0x7f0000001580)="a94392d6d86d71c32ee3db308f08fab8b2b5bb6e44c2c7f2058d9b82bbe0b6ff12925020aec66f94f0c40d36e24c9a190eeeb0791dc591141200a457549d475f6fc2e257d8f8ef2432595ba14e712a19fb90b8969c7477336357790ae522bfa09918eca0bece80411a03750ec63f684dd2545eef4c6bb7b650d259b27724bb2d40ba28ca29af18b8124192506f", 0x8d}, {&(0x7f0000000180)="66b1cc2d9ebcf7e42d4ecbb2f1605698caeb4f2bad0678374f64923db176b5899a26ae2c0a5bcc7fe8066549f82d7c2b", 0x30}, {&(0x7f0000001640)="c47bffece7719a411b2828ca2c3491987974e325d38356b11f05ea9671deb6ad9f896e3027ba2d", 0x27}], 0x4}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000004b00)="68cd6415d798c355832795c900ee87dc29e27296af5d91a8ffc1e25df7b4edcbf0df6e62d772ece8185858e9ec0d1bec890f98ce42940b1421ddf4189e3a892c9017fe0e03cca86ecd9ddbdb638d223683793db857f9f96179b124dc780533440e1db50acc8432bd39a604c43fa6bd55af2d336db1a32a327910008756687b4b7e003d263d6ebd62639d3281ddc7d1580abf512ef46ebd9fe0c9bbd1a343d22ede1c156f1a21976207235d8ee8fa6265e4cf516cbea0351adba71b448ab31c5b179b157b9d474bd1b4f4c998e077609a2fff7db539d3c3d94ffd8ea7327719863803ed496c77437dc2062beaac648f8c9e80dfb152187b2882545e5fec6df2dc918e9faeeb6ead8661b727b26f178e946d4768a186ed2f742194abb31cde2818ee08019b6b2032b78a7b43e6b4daed626aaa65c64d27926f01e47d620738deb6993c8e30cda77b6270b38054da666e4a0d7a2813ca9c8c0588fd6bb53a8656ac2847416646c78ae14faea16edf0c067d7be51ccaa3144f1686bd92c43f7c468cdd88d507deebec1aed4ca73769b6c5c29313e819ed9daa4c34f7b97e82dc5cc0d7bac965b9a6062361b944d549e465afd0d6f6dd41227a96bcb38c5040e8a2d46fe7c1c8ec4bc2fca23f1dff70746305a9d8f70b6d5ef7cfe3f921da416c8cdb810dc76db80d34de50e6bf3079ecac544c97c4721f3572a6071bb070c7bd012453fe0986acd094a84f2372b263236408cb385870b5b48cb91c0afbb1ef8e871f4b1b29cd8471fac6ad9fd7797453436d4642efbfec549e0b40f8ae634b3dd8a07ce004b7c4bd31a18fe07f7f033e8db16e2ab50afc018cfb3ccc1eb355fd0ed718718f00ab8ef10f2c1ec76ba3c263808f9bdef1c4d76f8aa3320c9922cdd8f65ce948f43d90fc676fdea77fd25b69cf9b7656179be9000ef8e1654671f3e255d99222ece5950c78e90fd21c0ba513e0391472215fb30780d58696bcda7d2973cc85e1c26174e0b43cc178cbf7fd3e5102a254736b167e3c0da2c67468ecbfe106e6ff34792bc15b6d157bffa212c5979ad33bbcdc75ac14a70cb762744c1a8a716207df93b79779ca64a9986a2922e5f3a56bc826e2eb70506a68fc66807e7ba4e1b3f5b8008540ade5a2dc295029b61fc8d062a0474b4ac33c460af08dd97c70338b5b362fd260116be35ac7dbca76205b9157d03fe6b3f5ed406cedf51b1e400ed8a0050087edb2637f8dcbe4917c1f801316eedb0313a3d7d2e34acbda518891374912f68ffa06e718c1730f2f42a0c2af951bcffffd4cec41afb8b011030c2aa624be164c71c278363face03df0cf02a5ed88729b957655c50da362513c277b7bb8e8e994572e76f475c9e1faa559e94f85d6b08a6771cf85b8483d891bdad7aa335f57316b89b4da302a2dae53f5ee00ecd12377f5522694fddcfed29d516339f462e2990dceebe10147d9fbeb61673f48010d4e542d56b5e9810dfd92cdb56d5813e9df8daf6e6ad870c98627549bec2053b0d0693acfbfe448b62babc4e736886fd4259c30836dc0f79de1261335a5ab91a9d6d97bc2dcaa17c9ff1e752ae23e2765e835d7679fa39051fee656987e8e540563a3f8ae156f1c5303dd97484d9788e8a1b1b27b5146378d3820947750239eb002d0f2b44a64ff4cb0ac23a57974534c708edecc6c44ed45617f2dc134a2254b12883ee02c8c3dbab756615f02517b7a82c7b33dc169cf07e2e1d8056d3f905874388a3b0f1643a1d7578ea1dd8c15d318f946194f5713b20d259231ef451c6066294deffa4b230d8287e517dae682de9c61042543a0a3efdf0cb1c48499a86a626e9365a8bc7e714dc8704229a0bce2c18b15a522ade7c05e00342229d96f9126ec3075e3d3c430ab8c0e53cf654b150b3d7fb5ce62f60e4ec57fffa312fe1ce9cda8e8e6e10c112752881b1438632922a03e255a47d33aaff3c3e1f2092013d539a03f6405240ecda2c80a8e378eda4611889b8a3ebf450a23a668aaeddfd33265eef98642d3110aa95420d387537010143cd60f123fc9c3d107b5fc4ab43900667c1e395a3a0863a28d0661ad4cad39c5ecbd6df870cf37d6d77476f02c7e8e259f86210b35aa586a720f4f7f361f527a1fa3fc832673e478193e37f95c14d165e687c8070824b519503855ae5c69d128a2832ea72b60fd52898a0563581d7312b6ca32e702f42c07872d7d6d833dc191e487da719d7816a6b1bfc800514749335b9a5e6aeb71dc39d7de558831a0fdafa10aa50d007383a07b0f40a189c30a5d6313b3aa61c9aca029b8f406f5972ab8b989e92dba08fc89b9c7641645b17d50f6f40edc54d1cd7da9313906f2ffa084a70b17d5cfaa36213eb42be2e75e4380e0487fd3f5eaf1ce0adcf11ac2057063e85bb97de0b5371edef9cb6430294a8cd6188026db3fe739fbeaf324af9c6fd7ce1bc2c9ab38efba3a0c95b6b3af503174012d894c74accf1e240bffd8ce3041a1f1cc58996ecbede2c233ed2f39ef442e6907fbd0d71f071d93b38b46cda3af3152ccb54c6aa4e3da85db7bf96ff10f08cf106c62e3b75fb28cdc80dedae4274f773302eee5d6040df46d0ec5f7754cccf49e1e1374d0a5488f4cddd36941904caaf2711cf8976e6ac72472e897c94a9e9c56c81b83fa69b856f5c28025250f83a7b3569940d55d65ae529c715806bd1d6245679e07d16dcce36821f9073d92f618a1f69cb3d1019fd20aa89819ecd1f98adedc057a3744750d1a76f7f29cc336aeab75e243b070cdaeefef37acd2184bce3cc68f0707c039f3322f8e53ca89b1315f54618b32ab1aeef3143785d50f163221e6d779dbb7c4c9432390f9c1d9cdff40edcf56985237c912ebd20b331e3a2733a069a4171f0db64a875e404d2b1a3d7c47c493a827bc19dd67c446341fcd6aac06beb00c31ea3c3327283235ddcd76c7803b99b98ed3287c08ff6c0084ad708368ac474f48145c73a32d187194efc977c591f7ece9e38088a9f1a4ce271714b2fa96d212e7a6c07581dbbabf6bcecd43812919d684f3bdba4ddff337dbd9b68eb54bc6475c8be31cd5d933e9ea45f8d3e2e0b5ae822c94e3b968433a982d54838c6878eca9e0f55b3b49b0fe000000000000891bb353b5afa33a024f00d6e9580c3f8ee3da29c1b5e48761648ca135fcf6ce8c91c1889d0978e00ba3c17dc00db4252e08dcdc54f4e614d8097d1a2e07f1910e9a196befab2a82d479a1224cd236d8c125a22f29e4d5f0426f1c79f3a51355a1c2f619d91a7ab1a8cd24449b645887accda311b03d8d03341e023b8f33583fad6b463e7ff2e6d77864a9dffb0014f5e868d8b3df2755d62fada27579c91dd67834320b474aa3dc1d5da0fef7c4479cb0ff097c960bcf769553007ae4caff643ab5ed6d813b6ef1cdcac83ade3aa565e0788810cf3e9827c41a87530cb87d9a21ca5450f8f1e1cc4e7fb6dfe416e656b05af7127971b623a9d3864220c6a085ffe65770056744d213e068293167b3624af2d40949772fc95f11d3a78940f24d14ec49887b5e263d8d1f82eee79d9bfe9ff95da5f1bf037f1d9e9afd8d0000a90208f90b0d6bc85310278566a31c1e97af4fcdc2b5798931f3511e191c81c35bbbeab5b9341b5d62fbe94b08a8ce7b317e55a3efc6e3ba57e79105c47412d94435345d760bd11b64301081a382df985232a820e8cf6b8d3ba0a2c5cafa610a4ee7c9a91933c1ed9742e855cfa8e42a4978de7b3f89db44d7bc235afed016aab5216a27eb88af716c9f29a0a963a126ab973e025e763e1f6e4bb18dd83e042849c8f7d77465c4ea69deb1c49b1ffa3ee36e7f56aaa7dd439a3e779b22635bf2d1ea9bf41b5c7297e78d17e68743fe927eae366db390cd38cfe692c4965723003bea89353f8bb89470772ca45037592778657ac2c97e50ad2226f288aa2746b9b6cbee5dab1e2154a1119c09214623c98d85a1a0d85b96877ba7c5d729a1a56c1e6d99a8da01435d635bb50703a07de64ffcf0e7ac88c0ad1feb99f3c4e9b4723caf3f625815f5eb96333c86ecd84d1b575f633b4e07196c35d01fbbab25575839747f7b56c09090306ac9879bba3dd026c7db6fbd6fd483e4b11c03d08051b14e8d1343d3c635a8e8e96c60e7010434adf0b19e802b351bb8aa1f1b8680dc06cf8a923e17545ea7f7212bd9e2af6eb2cabe41c1f54bddf91c7526fb68783c57dfe265449e4758dd4d17d4836a99f8aff24bcf65f480972885540e52557810c85ab98c7012187045c1e0b6d05cbe1c3d888ef742b3daad83e9c16f1d861d86d8de574a90a8202faaa4349f633fced11940f9ecb4fd311e08ab1217044df4590331b7b608543aa5895c85f03d060800000000000000271530a7ecd6132d412e9d683ee38d82ab28b90bc4dc58f64307520c16cdf50cc00c269344193914ecd9f61e5f586f49bad06c7d5c56865fc844ee0889424130d049c2838189e2a31c7d998b117d95a3d9cc377fcefc24ac9efb8230a431030ab6808d907aee31d5f9db4969e14d28a951469a4bc82bc29e65182e3978ab7b0e82e19a479ae7f5d443b9bc9a94685bf4b739753b05caf6a34da385cfbe5da4cd7a8c2f997171d2548044aed05d73baeea3f103c8aef4b8b5f79ebb6099bcebe65137df91736d8f0f61e7650680666ca777c517619b850b3c805c6a465daef5388664c9e81cd0c2c79ac0a204dbee071170c80595c2f89e474c86d8b167256a9921737570ee4a86952af33ba1c9fc376453bc86a7d391274b8768a603e200ad0bd3584be0fd4c86803dfdbd1efa7479142e14ae38304e3b8037b5677bc00030cadf424c1343337f270434635ca1311c43742eac1d38888d832103cd967bf8291e6386eb2219c2c10e601038316f068918ffa216c0cc00db0a221533a8cd1d9c2fc3be7b6a6b83d7e8f5be52a2b8f4013b9f121104102282af1213df83760325cbc93a1d2657089a76f5fff113e302306a0323741905d258d459b4f19e82fbf3e523bfa9aee7ca7a3892fe6e45f3d7d33f45f92f01bc4c503e7d14b12447415bb78570e28c8896ee8479d83c4caca24d3c9063b1e0bda03a5bc04ab3eed341e288a8984d5aa4144d175715e1923ed737830a67355526bfa745b2677bca980baf1212d6a64717f11845d25f46fe4d73a9ce3a7dfd807f618c5551563db60baf71aa3336bfc04f359c2fda3ae61e32c9556b6f699ed204803a7128bb7429547acc4359a5d599f44cb6ceb1bf6c0b7a097ad5471d91affe71b90416b31d4fff6513492526365bda0615c7e3193392003c665600303bd8c0f1e29f2ce4c6dce5f925d2856296938ef2c69f2dab9ff0000ca6ff9700baec237cb43872772f9544e60ce7eb90b3ef0837a752b0a21ed2ecaaa4442cbe0a71daa968e051c037e7f16ee65521df40cae8b12193f739ae458ca33512f0fbace7567e3a3b27ffa7faaa516fc7c9c0fc235290f4baa06e1b10618e2f8679ac60fc4e5cca44b613767a4f2abe89bbe9f8a8c3b5ce082c176dfc3104b326d7293841cd232e98a13ca6a4ac42ab2f3204661a5042282715f45a19a512c0e17338cb82b8ee7ce9b6b2ec4d449d6276dfe4d98d1c8a166465645c3e268bdf1fffdf4da82a1c973d3658c24e0b27144e2d92fd8ffc85f1f602d4d117c3797a415ed45e67aa16864c7c4a94f493310646984c437e0c3f19e7d49040680e013d9a00317fcf1c1b75e8a2fa411ae82a2a0a868323d3aee48b1549aaa99f9cceff0c8902507ff0219051126b7ceaf10c2bb540c3aa1e8af166aba80f99b794c7da375d9689b3084a2d8accfb227e095f190b265a7a88f273489f1befd38664e8641f6aebdbe9bd222999c29bc0240e1ac26772b90c153eb761f07f45add4320eb3ab38c7fe504d7d1af5e9abc1d46994ec2f250012b6a9c4a24c16635641dc64f1aa84bde71da7860544006d00"/4229, 0x1085}, {&(0x7f0000002880)="67e34aebf089da6703a72875f5b1925e9ea463efdbf2aa856832e450ed6b6133a7d7bd2448b26eff4d0e2104f0f0f52f3a19128afcdbbb73ea3ed902f5ab654e6f910d9d0b54735345235a47c6c9955c4224596952226a0482ebeab5f513f44b1cde3bb53d8cbb3897bab5c0d7bba7a771dd895346fa7f3c93e4e524bb8a9ee971c9e22e5a879a6979c19370970606d4fe97452b257c206cde143a004cc3d0c8cce02ff449d59ef1f6a526649942616a9d7c560fc2b4f54fcc2b127df089db434c408bdcc73423ad771e", 0xca}, {&(0x7f0000002980)="464560866369c7bde89c76b0371f48ff46b142a249ba94e2da45963fd6cb741bd2e927a70e06bb2463ff71271832224567e9a1c866f9a905af172532c05e2b8505aa24e49b764b2756dfdb973e7fe967d851bf42658048e901c52fe7fec67243b30a8fdf46c7be30efb2060008fa4581a42967a76aaf577108c2a7039e2de1399cfd16f08d64fa48af999f114f9435f12ea9e61d7a0c4ad839788be4", 0x9c}, {&(0x7f0000002a40)="6617a7eb85cb23c859739fac3344a10c3f12f6cfa718d833a4b6c249fc8f0737b5b0453e578dd943bc890d1416dabde1cc624bbce774129455e305db55d6bdfdb61bccfde03adc60f9fdfc751b2ee7f488c8db03a6442003526ee42854324662bf19b0f037a75930ef881697e643a04d9d192ffc1273b0ad641f5f7c5a89c43bd316ab16a6fe87e020c2fa44768c7ef590b3101f7f695d11e339b12d0425a72fa8375deb759a7ebc237ff176f9912708410c51276e79900a7c2e9d7827dbbd8b2980bf264f83cd8e49269bc56167cde28db99b", 0xd3}, {&(0x7f0000000480)="61b0e85bf9388923dba82a0cba731251094c2571154ca9541e", 0x19}, {0x0}], 0x6}}, {{0x0, 0x0, &(0x7f0000002d80)=[{&(0x7f0000002c40)="cf652ae49830dc5237702184aa61bf8ee140de65b6bfe788c7408bb310aa66e9db1cf01aecb5359430d0eebeaf2f6f4ce1309767fdd2aa770c395701ec5d0222b919d5b4b78af1905879b43853a3ee2e94579ed629858b3d91958a10ffa3de78f7d5f3d1b5beb4f0ea9cf01838f21dae9bd57920c6d9887d5916a298b8837aaa2b007745f1472d69948d40c44f876cd88ad8404df219a44daf4723bdd2dbc2626f0a18b0698ebdda9b2cdce9b576e042bb8fdc8514", 0xb5}, {&(0x7f0000002d00)="50bc46210f13ad83d90cfb0ffc3d96480c077fa4226f9e4b017186a0ab62feafdb", 0x21}, {&(0x7f0000002d40)="633842cfad0bc852e902b1a6df833b575649572a948a00205b2dce73f5b49ac936269ce89b981115ddd1072c", 0x2c}], 0x3}}, {{0x0, 0x0, &(0x7f0000002fc0)=[{&(0x7f0000002e80)="f3ba2f61e1144e92402ccba1beb3d435edceb234cf1ed29178e013f5c4f2bcd9cc8eab01dcb09f7862b16974b251853167ce08de13ac34dadedd7f837f4b3b85a56c5295ffd67483f6d37ef16961f7ea387264d333661a216d9dc59660ac19a1c0bec516d146f8ebee586dff231d58c81e8eedb38fd93410c0b074970dc4917b03cf48db268b99524dad235e92537a9a127884c7120ead66c911f1f6e14bf63ae97c55665896d05dc4d6f19aae3aa5e53786f21db18069d27c4600452c2abc88e297acce162867578c96409bd35c71d5c7385c1008945f1f53bb1506592ea46b601201781cbf2163da6312d8", 0xec}, {&(0x7f0000002f80)="8e729c466da27c9a10", 0x9}], 0x2}}, {{0x0, 0x0, &(0x7f00000040c0)=[{&(0x7f00000030c0)="a2034664a00d9041a85060d6f48a23d79f39220e1608a165bfb48b2ecb2739e8f1c098368d606d2e82cbad18d7e911af2af88f", 0x33}], 0x1}}], 0x5, 0x44084)
ppoll(&(0x7f0000000000)=[{r8}], 0x1, &(0x7f0000000040)={0x0, 0x989680}, 0x0, 0x0)
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r9, 0x6, 0x16, &(0x7f0000000000)=[@mss={0x2, 0x5}, @timestamp], 0x2)

6.610316848s ago: executing program 4 (id=675):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r0, 0x1, 0x21, &(0x7f0000000540), 0x4)
sendmsg$inet(r1, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x20, 0x140e, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_RES_PDN={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}}, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', <r4=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={0xffffffffffffffff, r4, 0x25, 0x0, @void}, 0x10)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000240)='cdg\x00', 0x4)
close(0x3)
fsopen(&(0x7f0000000040)='proc\x00', 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x2, 0x0, 0x4}}, 0x9)
io_uring_setup(0x7c33, &(0x7f0000000100))
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSBRKP(r6, 0x5425, 0x0)
ioctl$TIOCGICOUNT(r6, 0x5409, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r7, 0x541b, &(0x7f00000001c0)={<r8=>0xffffffffffffffff})
close_range(r8, 0xffffffffffffffff, 0x0)
r9 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r9, 0x802c550a, &(0x7f0000000000)=ANY=[])

5.941872303s ago: executing program 2 (id=676):
socket$qrtr(0x2a, 0x2, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x3, 0x8d)
setsockopt$inet_msfilter(r4, 0x0, 0x8, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={0x0, @local, @local}, &(0x7f0000000140)=0xc)
r5 = socket(0xa, 0x1, 0x0)
ioctl(r5, 0x4008916, 0x0)
ioctl(r5, 0x8936, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0x13, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000010000008500000086000000bf91000000000000b7020000000000008500000085000000b70000000000010095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0xfca804a0, 0x0, 0x10, 0x0, 0x0, 0x2008, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_io_uring_setup(0x2ba8, 0x0, &(0x7f0000000280), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(0x0, r7, &(0x7f0000000000)=@IORING_OP_ASYNC_CANCEL={0xe, 0xa})
syz_open_dev$tty20(0xc, 0x4, 0x0)

5.73048163s ago: executing program 3 (id=677):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213)
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f0000002900)=ANY=[@ANYBLOB="706172743d3078303030303030303030303030303030342c6e6c733d61736369692c73657373696f6e3d3078666666666666666666666666666637662c747970653d883b7f382c63726561746f723dd4a620e92c6e6f6465636f6d706f73652c747970653d5dbcce902c756d61736b3d30303030303030303030303030303030303030303030312c63726561746f723d40f194712c626172726965720063726561746f723d65fe04c22c6e6f6465636f6d706f73652c6465636f6d706f73652c63726561746f723d8a7222832c7569643d", @ANYRESDEC=0x0, @ANYRESDEC, @ANYRES16, @ANYRESHEX, @ANYRES32, @ANYRES64, @ANYRESDEC], 0x1, 0x703, &(0x7f0000001f80)="$eJzs3TtsG+cdAPD/USRFuoAjJ36kRYAQNpAWNWpLJpRWXeoWReEhKIJ0aFfClmPBlBxISiEbRaP0sXfI1CkdtAUdinTqYqCdGwQosmoM0CJLJm0q7nhHkRJFUrJeTn4/4+6+u+95/3uRIowL4GvrzvUoP51Il2+speubG832xEZzMs9uR0Q1IkoR5c4ikqXIcm/nU3wz3ZiXT/br54OFubc++3Lz885aOZ+y8qVh9Qao9q78Kpuv51M0ImIiX+5V2afFj3d339fe3X3bG1fS3cM0YNeKwMWfn6lVeGbbe6x38z76TzYfVv0g1y1wRiWd5+YeUxHnIqIW0Xnq53eH0smO7uitn/YAAAAA4KDqB6/ywlZsxVqcP47hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFdV/v7/JJ9KRboRSfH+/2q+LfL0GTT6RYifTnaWT49/MAAAAAAAAABw7F7diq1Yi/PF+naS/eZ/Nba7Rb4R78ZKzMdy3Ii1aMVqrMZyzETEVE9D1bXW6uryTFzN1i4OqXkrPhlQ89b+Y7x9pHsMAAAAAAAAAGdebUT+w8rebb+LOzu//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFmQREx0Ftl0sUhPRakcEbWIqKbl1iM+KdLPiWTQxqcnPw4AAAB4JrX+1aQ2Rp0X3outWIvzxfp2kn3nv5x9X67Fu7EUq7EQq9GO+biXf4dOv/WXNjea7c2N5mLUmovpxn/8bzvTaefHXxxo6FmL0fnbw+CeX85K1ON+LGRbbsTdSKLTZSlv5eXNjWa6XEzHlY2tz/vpmJIf5YaMZqInfS+dXfk4S/+p/68I5QPt4iFM5lEZbCrLrXQjMp2PLa1xoYjA4EiMPDrloT3NRKn7l5+Lw3saHPP3h/d+blepgX+5ORW7I3ErSt0jdHlPJCr9lb/9949++aC99PDB/ZXrZ2eXBnpvZIndkWj2ROLK8HPiuYrEaNNZJC511+/Ez+IXcT2+mHwzlmMhfh2tWI35RpHfys/ndD41PFKf9l39b44aSXpNNrr3r0FjakTfmKIRP81SrbiaHdPzsRBJPIqI+Xg9+3crZrp3g50jfGmMq740xp22x7XvZItumKK+f9m/jtfkUUnjeqEnrr333Kksr3fLTpReHBil4lk3/vOoR/lbeSJt4fdDnw8nbXckZnoi8dLmRrM4i/rOl05I/5J9alhpLz1cftB6Z8z+XsuX6XX0xzP1lEiP8ItRy3fuQjZPsmtqOst7qfuE7Y9XNf/FpaO0J+9St17nSv15PIp7fVfq92M2ZmMuK305K13Z88RK8650W+q/h6d56SetcveHnd7PW4+i3fk89Fz97gPwNXTuu+eq9f/W/13/sP6H+oP6G7WfTP5g8pVqVP5V+WF5euK10ivJ3+LD+O3O938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODwVh4/edhqt+eXBydKg7OS4bVa7e3iRWJDyvQlkvxVOWMUTlYeP9ke2eDwxGQ+vENWP8pE8bbG3qzibYr9hRvHOIxkfffxqo0+FsVbnsboItkT8LTyocdc9LyzpXIGDuXuROOQ1Xv3K08UJ2xP4YOfvfVBx2siIgYVHnHjmHjmWw9wym6uLr5zc+Xxk+8tLLbenn97fqkyOzs3PTf7evPm/YX2/HRn3lPh2F9+C5yU3o8TXdWIeHV03SEvagUAAAAAAAAAAACO0Un8X4jT3kcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+XbnepSfRhIz0zem0/XNjWY7nYr0TslyRJQiIvlNRPLPiNvRmWKqp7lkv34+WJh767MvNz/faatclC9FrO9bbzzr+RSNiJjIl0fV3t3R7VV3kpMDspNuZNKAXSsCB6ft/wEAAP//q/3tgg==")
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000180)='./file1\x00')
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001240)=ANY=[@ANYBLOB="240000001a00010000000000000000000a00000000000000000000000400331a27428f0968bbd97a1900", @ANYRES32=0x0, @ANYBLOB], 0x24}}, 0x0)
r5 = syz_io_uring_setup(0xf00, &(0x7f0000000080), &(0x7f0000000300), &(0x7f0000000000)=<r6=>0x0)
syz_io_uring_submit(0x0, r6, &(0x7f0000000200)=@IORING_OP_OPENAT2={0x1c, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x18})
io_uring_enter(r5, 0x2, 0x0, 0x0, 0x0, 0x0)
add_key(0x0, 0x0, &(0x7f00000000c0)="100c", 0x2, 0x0)
add_key(0x0, &(0x7f0000001140)={'syz', 0x3}, &(0x7f0000001180)="ec882917748b0b64da77fcf66c89122f5fb3f8dab81c749af7d1cee811e98e4efeb67d954568176e89eaf64d5bcefa331a7580f1aad736153b3e681fbdd02159928bf79c9a92c55c007edf1028496ed214c1efa1ae771fd36e224c0500b5ceedd936bd9d4b3168bb4f39833e8d7579768732fefcfd1d47b930ae57100fb1b37e0c054b8c6244fb3e9a554796fc94f549a894d4149d811e8fea1681e6d794bbc5ee7749", 0xa3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @dev}, 0x10)
unshare(0x8040480)
r7 = userfaultfd(0x801)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x806})
r8 = dup(r0)
read$sequencer(r8, &(0x7f0000000140)=""/4096, 0x1000)

3.501022133s ago: executing program 0 (id=678):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
socket$kcm(0x10, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
prlimit64(0x0, 0x9, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = socket$rds(0x15, 0x5, 0x0)
r5 = syz_io_uring_setup(0x7b, &(0x7f0000000500)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3b}})
io_uring_enter(r5, 0x46f6, 0x0, 0x0, 0x0, 0x0)
r8 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f0000000180))
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
ioctl$UFFDIO_COPY(r8, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x3000})
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000580))
io_setup(0x7f, &(0x7f0000000240)=<r9=>0x0)
r10 = syz_open_procfs(0x0, &(0x7f00000002c0)='mounts\x00')
io_submit(r9, 0x1, &(0x7f0000000200)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r10, 0x0}])
ioctl$RTC_ALM_READ(r10, 0x80247008, &(0x7f0000000040))

3.309858679s ago: executing program 2 (id=679):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280), 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020701200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x0, 0x0, 0x1000}, 0x48)
timer_create(0x2, 0x0, &(0x7f00000001c0))
timer_gettime(0x0, &(0x7f0000000440))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9}, 0x48)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x1, &(0x7f0000000040), 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f00000000c0)={0x20000000000003d9, &(0x7f0000000300)=[{0x6, 0x0, 0x0, 0x7654}]}, 0x10)
r6 = syz_io_uring_setup(0xace, &(0x7f0000000480)={0x0, 0x8ef4, 0x10, 0x0, 0x24e}, &(0x7f0000000080)=<r7=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r6, 0x15ac, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r6, 0x60db, 0x8842, 0x0, 0x0, 0x59)

3.309388589s ago: executing program 3 (id=680):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'pim6reg1\x00', 0x2})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e22, 0x9, @mcast1, 0x1}, 0x1c)
recvmmsg(r2, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e30, 0x0, @mcast1, 0xfffffffc}, 0x1c)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0x104, 0x4, 0x4f0, 0x110, 0x220, 0x110, 0x408, 0x408, 0x408, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@random="09f9f329f8bb"}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bridge0\x00', 'erspan0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @mac, @rand_addr, @multicast2, 0x0, 0xfffffffe}}}, {{@uncond, 0xc0, 0x1e8}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:traceroute_exec_t:s0\x00'}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x540)
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r1, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000080)='cgroup.kill\x00', 0x275a, 0x0)
mkdirat$cgroup(0xffffffffffffffff, 0x0, 0x1ff)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, &(0x7f00000005c0))
write$cgroup_int(r4, &(0x7f0000000200)=0x1, 0x12)
setsockopt$TIPC_DEST_DROPPABLE(0xffffffffffffffff, 0x10f, 0x81, &(0x7f0000000640)=0x1b, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000440)=ANY=[@ANYRESHEX], 0x24}, 0x1, 0x0, 0x0, 0x20000040}, 0x10000800)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, 0x0)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)={0x1c, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'syztnl0\x00', &(0x7f00000002c0)={'syztnl0\x00', 0x0, 0x20, 0x80, 0x0, 0xb00, {{0x20, 0x4, 0x0, 0x38, 0x80, 0x0, 0x0, 0x6, 0x4, 0x0, @broadcast, @loopback, {[@timestamp={0x44, 0x18, 0xc, 0x0, 0x7, [0x8, 0xdf6, 0x496, 0x7, 0x8]}, @lsrr={0x83, 0x1f, 0xeb, [@multicast2, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, @broadcast, @dev={0xac, 0x14, 0x14, 0x27}, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @timestamp_prespec={0x44, 0x34, 0x65, 0x3, 0x1, [{@multicast2}, {@remote, 0x2}, {@rand_addr=0x2dd, 0x74}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x800}, {@rand_addr=0x64010102, 0xbbb3}, {@rand_addr=0x64010101, 0x100000}]}]}}}}})
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r4, 0x111, 0x3, 0x1, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000e40)=ANY=[], 0x6c}}, 0x10)

1.617746357s ago: executing program 2 (id=681):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2000006, 0x2172, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = socket(0x0, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440), 0x10)
socket$inet6_sctp(0xa, 0x0, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x0, 0x4, 0x12}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
ioctl$sock_inet6_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f0000000380)={@private1={0xfc, 0x1, '\x00', 0x1}, @private1, @mcast1, 0x0, 0x8001, 0xa3, 0x400, 0x4, 0x1820020})
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[@ANYBLOB='='], 0x6)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x0, 0x84, 0x144}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800}, 0x38)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000080), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @multicast1}, 0x10)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xe8, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

1.616790727s ago: executing program 4 (id=682):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$inet6(0xa, 0x40000080806, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000840)={'#! ', './file0', [{}, {0x20, 'cgroup.controllers\x00'}]}, 0x20)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0xc00)
ioctl$SNDRV_PCM_IOCTL_FORWARD(0xffffffffffffffff, 0x40084149, &(0x7f00000000c0)=0xbc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6802000000050104000000000000000000000000540201000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000170cd769fb72887e87d85ffa0700a8c7636e950a2a83dbdd1a0000000000000013f6321d3ac4d2e71527562bfa9aab000b42729c1910dfe20ee7557ea577902600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004a25ada69300"/621], 0x268}}, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x73, 0x0, @private, @multicast1}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
r5 = syz_io_uring_setup(0xf02, &(0x7f0000000300), &(0x7f00000001c0)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0xffffffffffffffff], 0x1, 0x0, 0x0, {0x0, r8}})
io_uring_enter(r5, 0x47fa, 0x0, 0x0, 0x0, 0x0)

694.562983ms ago: executing program 4 (id=683):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000040)=@framed, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f0000000140)={0xa3, &(0x7f0000000080)=""/163})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = syz_io_uring_setup(0x22e, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r6=>0x0, &(0x7f0000000440)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000009c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, 0x0})
io_uring_enter(r5, 0x7a98, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431)
r8 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r8, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r9 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x2, 0xa, 0x0, 0x2, 0x2}, 0x10}}, 0x0)

692.975923ms ago: executing program 0 (id=693):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$inet6(0xa, 0x40000080806, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000840)={'#! ', './file0', [{}, {0x20, 'cgroup.controllers\x00'}]}, 0x20)
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0xc00)
ioctl$SNDRV_PCM_IOCTL_FORWARD(0xffffffffffffffff, 0x40084149, &(0x7f00000000c0)=0xbc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6802000000050104000000000000000000000000540201000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000170cd769fb72887e87d85ffa0700a8c7636e950a2a83dbdd1a0000000000000013f6321d3ac4d2e71527562bfa9aab000b42729c1910dfe20ee7557ea577902600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004a25ada69300"/621], 0x268}}, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x73, 0x0, @private, @multicast1}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
r5 = syz_io_uring_setup(0xf02, &(0x7f0000000300), &(0x7f00000001c0)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0xffffffffffffffff], 0x1, 0x0, 0x0, {0x0, r8}})
io_uring_enter(r5, 0x47fa, 0x0, 0x0, 0x0, 0x0)

691.914533ms ago: executing program 1 (id=684):
syz_emit_ethernet(0x0, 0x0, 0x0)

691.634503ms ago: executing program 2 (id=685):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x8000000}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x18, 0x0, @wg=@data}}}}}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x20)
syz_open_dev$tty1(0xc, 0x4, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB], 0x28}}, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r1, &(0x7f00000004c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000800)={0xa8, 0x0, 0x300, 0x0, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x7, 0xe}}}}, [@NL80211_ATTR_REKEY_DATA={0x4}, @NL80211_ATTR_REKEY_DATA={0x4}, @NL80211_ATTR_REKEY_DATA={0x28, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="18add6734af67323c9e4a0c17921a08a"}, @NL80211_REKEY_DATA_AKM={0x8}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x80}]}, @NL80211_ATTR_REKEY_DATA={0x50, 0x7a, 0x0, 0x1, [@NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="89e205ccd056299b9d2eac4e83738ebe"}, @NL80211_REKEY_DATA_KCK={0x1c, 0x2, @kck_ext="291da20ab3631edd5dcc7bac8efa98339c4cadabf1c3be74"}, @NL80211_REKEY_DATA_AKM={0x8, 0x4, 0x5}, @NL80211_REKEY_DATA_KEK={0x14, 0x1, @kek="3c942499f804f1eb80ece3d10a6bf2dd"}]}]}, 0xa8}}, 0x0)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x0, 0x0)
sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
syz_emit_ethernet(0x46, 0x0, 0x0)
syz_extract_tcp_res$synack(0x0, 0x1, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000240)=[{0x48, 0x0, 0x0, 0xfff00002}, {0x6}]}, 0x10)
sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x14, 0x0, 0x4}, 0x14}}, 0x0)

494.237209ms ago: executing program 1 (id=686):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000840)={'#! ', './file0', [{}, {0x20, 'cgroup.controllers\x00'}]}, 0x20)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6802000000050104000000000000000000000000540201000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000170cd769fb72887e87d85ffa0700a8c7636e950a2a83dbdd1a0000000000000013f6321d3ac4d2e71527562bfa9aab000b42729c1910dfe20ee7557ea577902600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004a25ada69300"/621], 0x268}}, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x73, 0x0, @private, @multicast1}, {0x0, 0x0, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
r5 = syz_io_uring_setup(0xf02, &(0x7f0000000300), &(0x7f00000001c0)=<r6=>0x0, &(0x7f0000000040)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0xffffffffffffffff], 0x1, 0x0, 0x0, {0x0, r8}})
io_uring_enter(r5, 0x47fa, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 3 (id=687):
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
write$binfmt_aout(r0, &(0x7f00000034c0)=ANY=[@ANYBLOB="0b01640500000000feffffff0000000000000000810000000000000000000000f7ce744adb21d1462460899c11533a1c755bdc3c5241e74013f0646edb80007d451cfc49da02a13e92930ca18c03becdeb50d6f61c5e037a6138e5a00112dcc56acd55f44ef83e10419d3c0579"], 0x28)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000014c0)={0x0, 0x1, 0x7}, 0x8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x20, 0x41, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}]}, 0x20}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)={0x2c, r4, 0x1, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip_vti0\x00'}]}]}, 0x2c}}, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7a}]}, 0x10)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a001700000000040037000900030001632564b758b9a64411f6bb744dc48f57", 0x39}], 0x1)
syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r7, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)=""/4096, 0x1e28}, {&(0x7f00000000c0)=""/250, 0x468}], 0x2, 0x0, 0xd64}}], 0x300, 0x34000, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xd}}, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0xfffffd66, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101804bc9555e1affd5020000000900010001797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000000009000300737975320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETTABLE(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x1, 0xa, 0x101, 0x0, 0x0, {0x3}}, 0x14}}, 0x0)

kernel console output (not intermixed with test programs):

ue to avoid problems!
[   49.458845][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   49.462055][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   49.466425][ T4031] batman_adv: batadv0: Interface activated: batadv_slave_0
[   49.481906][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   49.484938][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   49.487567][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   49.495805][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   49.500694][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   49.503755][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   49.506591][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   49.522727][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   49.526957][ T4031] batman_adv: batadv0: Interface activated: batadv_slave_1
[   49.539847][ T4114] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[   49.541853][ T4114] EXT4-fs (loop0): error: journal path ./file0 is not a block device
[   49.565792][ T4031] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   49.568157][ T4031] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   49.570640][ T4031] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   49.573548][ T4031] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   49.578642][ T4070] Bluetooth: hci0: command 0x040f tx timeout
[   49.580534][ T4070] Bluetooth: hci2: command 0x040f tx timeout
[   49.592003][ T4070] Bluetooth: hci1: command 0x040f tx timeout
[   49.607115][ T4110] device bond1 entered promiscuous mode
[   49.609063][ T4110] 8021q: adding VLAN 0 to HW filter on device bond1
[   49.612040][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   49.614950][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   49.617702][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   50.532294][ T4118] loop3: detected capacity change from 0 to 512
[   50.540187][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   50.545309][ T4079] Bluetooth: hci3: command 0x040f tx timeout
[   50.547277][ T4079] Bluetooth: hci4: command 0x040f tx timeout
[   50.585251][ T4110] device macvlan2 entered promiscuous mode
[   50.614711][ T4118] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   50.737729][ T4127] netlink: 'syz.0.7': attribute type 11 has an invalid length.
[   51.796441][ T4114] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7'.
[   51.807389][ T4070] Bluetooth: hci1: command 0x0419 tx timeout
[   51.809413][ T4070] Bluetooth: hci2: command 0x0419 tx timeout
[   51.811188][ T4070] Bluetooth: hci0: command 0x0419 tx timeout
[   51.833391][  T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   51.839549][  T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   51.850022][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   51.967738][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   51.971457][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   52.014228][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   52.018037][ T4137] loop2: detected capacity change from 0 to 4096
[   52.071309][ T4137] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
[   52.112553][ T4144] capability: warning: `syz.4.5' uses deprecated v2 capabilities in a way that may be insecure
[   52.126624][ T4142] loop0: detected capacity change from 0 to 512
[   52.130881][ T4137] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[   53.915367][ T4077] Bluetooth: hci4: command 0x0419 tx timeout
[   53.917501][ T4077] Bluetooth: hci3: command 0x0419 tx timeout
[   54.223854][  T153] ntfs3: loop2: ntfs3_write_inode r=5 failed, -22.
[   54.227360][ T4142] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2213: inode #15: comm syz.0.11: corrupted in-inode xattr
[   54.289424][ T4142] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.11: couldn't read orphan inode 15 (err -117)
[   54.311356][ T4142] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   54.319285][ T4022] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22.
[   54.562356][ T4167] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15'.
[   54.670695][ T4167] netlink: 'syz.2.15': attribute type 1 has an invalid length.
[   54.677157][ T4167] netlink: 'syz.2.15': attribute type 2 has an invalid length.
[   55.151998][ T4021] EXT4-fs warning (device loop0): __ext4fs_dirhash:283: invalid/unsupported hash tree version 135
[   55.244421][ T4188] binder: 4184:4188 ioctl 400c620e 0 returned -14
[   55.273605][ T4188] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   56.399308][ T4184] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   56.426949][ T4196] netlink: 244 bytes leftover after parsing attributes in process `syz.3.23'.
[   56.469154][ T4197] loop2: detected capacity change from 0 to 256
[   56.674578][ T4193] netlink: 'syz.2.22': attribute type 25 has an invalid length.
[   56.676768][ T4193] netlink: 'syz.2.22': attribute type 7 has an invalid length.
[   56.735139][ T4213] netlink: 4 bytes leftover after parsing attributes in process `syz.3.30'.
[   58.032778][ T4234] netlink: 52 bytes leftover after parsing attributes in process `syz.2.36'.
[   58.039713][ T4234] netlink: 4 bytes leftover after parsing attributes in process `syz.2.36'.
[   58.039993][ T4232] loop3: detected capacity change from 0 to 8192
[   58.099935][ T4239] loop4: detected capacity change from 0 to 64
[   58.142249][ T4239] hfs: umask requires a value
[   58.143535][ T4239] hfs: unable to parse mount options
[   58.158707][ T4232] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[   58.161247][ T4232] REISERFS (device loop3): using ordered data mode
[   58.162895][ T4232] reiserfs: using flush barriers
[   58.170213][ T4232] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   58.179972][ T4232] REISERFS (device loop3): checking transaction log (loop3)
[   58.184967][ T4232] REISERFS (device loop3): Using r5 hash to sort names
[   58.187008][ T4232] REISERFS (device loop3): using 3.5.x disk format
[   58.189798][ T4232] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[   59.842998][ T4263] loop1: detected capacity change from 0 to 2048
[   60.351801][ T4263] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   60.802443][ T4279] loop3: detected capacity change from 0 to 8
[   62.078071][    C0] sched: RT throttling activated
[   63.121517][ T4279] SQUASHFS error: Failed to read block 0x730: -5
[   63.123232][ T4279] SQUASHFS error: Unable to read metadata cache entry [72e]
[   64.175611][ T4295] udc-core: couldn't find an available UDC or it's busy
[   64.215618][ T4295] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[   64.519256][    T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.804504][    T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.900900][    T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.924149][ T4290] xt_l2tp: v2 sid > 0xffff: 4278190080
[   65.001779][    T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   65.093916][ T4303] chnl_net:caif_netlink_parms(): no params data found
[   66.219004][ T4029] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[   66.219050][ T4029] CPU: 0 PID: 4029 Comm: kworker/u5:3 Not tainted 5.15.164-syzkaller #0
[   66.219062][ T4029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   66.219069][ T4029] Workqueue: hci2 hci_rx_work
[   66.219089][ T4029] Call trace:
[   66.219092][ T4029]  dump_backtrace+0x0/0x530
[   66.219103][ T4029]  show_stack+0x2c/0x3c
[   66.219111][ T4029]  dump_stack_lvl+0x108/0x170
[   66.219122][ T4029]  dump_stack+0x1c/0x58
[   66.219130][ T4029]  sysfs_create_dir_ns+0x278/0x318
[   66.219140][ T4029]  kobject_add_internal+0x384/0x8f0
[   66.219151][ T4029]  kobject_add+0x14c/0x21c
[   66.219161][ T4029]  device_add+0x400/0xef4
[   66.219185][ T4029]  hci_conn_add_sysfs+0xc4/0x1cc
[   66.219195][ T4029]  le_conn_complete_evt+0x954/0x1228
[   66.219205][ T4029]  hci_le_meta_evt+0xa50/0x31c0
[   66.219215][ T4029]  hci_event_packet+0xd34/0x12b4
[   66.219225][ T4029]  hci_rx_work+0x1c0/0x7c4
[   66.219234][ T4029]  process_one_work+0x790/0x11b8
[   66.219244][ T4029]  worker_thread+0x910/0x1034
[   66.219254][ T4029]  kthread+0x37c/0x45c
[   66.219263][ T4029]  ret_from_fork+0x10/0x20
[   66.219285][ T4029] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   66.219314][ T4029] Bluetooth: hci2: failed to register connection device
[   66.336417][ T4330] netlink: 4 bytes leftover after parsing attributes in process `syz.2.66'.
[   66.351038][ T4303] bridge0: port 1(bridge_slave_0) entered blocking state
[   66.352955][ T4303] bridge0: port 1(bridge_slave_0) entered disabled state
[   66.355628][ T4303] device bridge_slave_0 entered promiscuous mode
[   66.389929][ T4303] bridge0: port 2(bridge_slave_1) entered blocking state
[   66.391796][ T4303] bridge0: port 2(bridge_slave_1) entered disabled state
[   66.394421][ T4303] device bridge_slave_1 entered promiscuous mode
[   66.446673][ T4335] syz.3.65 sent an empty control message without MSG_MORE.
[   66.510477][ T4335] bridge0: port 3(hsr0) entered blocking state
[   66.514518][ T4335] bridge0: port 3(hsr0) entered disabled state
[   66.520134][ T4335] device hsr0 entered promiscuous mode
[   66.525568][ T4335] bridge0: port 3(hsr0) entered blocking state
[   66.527510][ T4335] bridge0: port 3(hsr0) entered forwarding state
[   66.629396][ T4303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   66.645272][ T4303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   66.725389][ T4303] team0: Port device team_slave_0 added
[   66.736600][ T4303] team0: Port device team_slave_1 added
[   66.791606][ T4303] batman_adv: batadv0: Adding interface: batadv_slave_0
[   66.798922][ T4303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.825142][ T4303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   66.841514][ T4303] batman_adv: batadv0: Adding interface: batadv_slave_1
[   66.845678][ T4303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.857068][ T4303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   66.940235][ T4077] Bluetooth: hci0: command 0x0409 tx timeout
[   66.977292][ T4303] device hsr_slave_0 entered promiscuous mode
[   67.166286][ T4303] device hsr_slave_1 entered promiscuous mode
[   67.219533][ T4303] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   67.224537][ T4303] Cannot create hsr debugfs directory
[   67.566711][ T4358] loop1: detected capacity change from 0 to 4096
[   67.664986][ T4358] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[   67.954559][ T4373] netlink: 'syz.3.75': attribute type 3 has an invalid length.
[   67.994402][ T4358] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[   68.308422][ T4077] Bluetooth: hci2: command 0x2016 tx timeout
[   69.343087][ T4069] Bluetooth: hci0: command 0x041b tx timeout
[   69.376254][ T4108] ntfs3: loop1: ntfs3_write_inode r=5 failed, -22.
[   69.416498][ T4030] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[   69.680415][ T4397] netlink: 4 bytes leftover after parsing attributes in process `syz.3.81'.
[   69.766582][ T4405] netlink: 8 bytes leftover after parsing attributes in process `syz.4.82'.
[   69.773181][ T2057] ieee802154 phy0 wpan0: encryption failed: -22
[   69.775047][ T2057] ieee802154 phy1 wpan1: encryption failed: -22
[   69.817459][ T4393] loop1: detected capacity change from 0 to 2048
[   69.846533][ T4393] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   69.886382][ T4405] netlink: 'syz.4.82': attribute type 1 has an invalid length.
[   69.921814][ T4405] netlink: 'syz.4.82': attribute type 2 has an invalid length.
[   70.884847][ T4436] netlink: 28 bytes leftover after parsing attributes in process `syz.3.86'.
[   71.034020][ T4440] netlink: 4 bytes leftover after parsing attributes in process `syz.4.88'.
[   71.205029][ T4448] loop3: detected capacity change from 0 to 4096
[   71.223449][ T4455] loop1: detected capacity change from 0 to 256
[   71.244545][ T4448] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[   71.294599][ T4455] exfat: Deprecated parameter 'utf8'
[   71.297803][ T4455] exfat: Deprecated parameter 'utf8'
[   71.376625][ T4455] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[   71.704639][ T1982] Bluetooth: hci0: command 0x040f tx timeout
[   71.746054][ T4448] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[   71.753254][ T4303] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   71.821690][ T4303] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   71.968042][ T4303] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   72.240013][ T4303] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   72.357643][ T4479] loop4: detected capacity change from 0 to 128
[   72.615049][ T4303] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.633818][ T1982] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   72.636615][ T1982] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   72.673104][ T4303] 8021q: adding VLAN 0 to HW filter on device team0
[   72.691751][ T1982] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   72.694521][ T1982] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   72.697254][ T1982] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.699352][ T1982] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.738910][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   72.741552][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   72.752077][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   72.755286][ T4069] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.757096][ T4069] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.782136][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   72.795905][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   72.855930][ T4303] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   72.859347][ T4303] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   72.872816][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   72.880267][  T443] ntfs3: loop3: ntfs3_write_inode r=5 failed, -22.
[   72.898946][ T4028] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22.
[   73.072902][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   73.075611][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   73.078726][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   73.081286][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   73.083824][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   73.086711][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   73.092595][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   73.257581][ T4499] x_tables: unsorted underflow at hook 3
[   73.564868][ T4498] netlink: 28 bytes leftover after parsing attributes in process `syz.3.99'.
[   73.599999][ T4495] loop1: detected capacity change from 0 to 2048
[   73.855807][ T4500] Bluetooth: hci0: command 0x0419 tx timeout
[   74.068895][ T4495] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   74.119262][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   74.122074][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   75.168535][ T3322] cfg80211: failed to load regulatory.db
[   75.277651][ T4528] device veth0_vlan left promiscuous mode
[   75.281763][ T4528] device veth0_vlan entered promiscuous mode
[   75.296757][ T4303] 8021q: adding VLAN 0 to HW filter on device batadv0
[   75.709154][ T4551] raw_sendmsg: syz.1.106 forgot to set AF_INET. Fix it!
[   76.050018][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   76.268438][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   76.382639][ T4549] loop2: detected capacity change from 0 to 2048
[   76.485064][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   76.491306][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   76.556847][ T4567] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   76.607446][ T4036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   76.611379][ T4036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   76.614424][ T4036] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   76.624333][ T4036] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   76.632622][ T4303] device veth0_vlan entered promiscuous mode
[   76.831662][ T4574] netlink: 28 bytes leftover after parsing attributes in process `syz.2.111'.
[   76.871848][ T4303] device veth1_vlan entered promiscuous mode
[   77.117044][ T4581] netlink: 4 bytes leftover after parsing attributes in process `syz.2.113'.
[   77.139697][ T4584] netlink: 4 bytes leftover after parsing attributes in process `syz.1.114'.
[   77.142313][    T9] device hsr_slave_0 left promiscuous mode
[   77.196598][    T9] device hsr_slave_1 left promiscuous mode
[   77.248991][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   77.253538][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[   77.260688][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   77.271308][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[   77.277473][    T9] device bridge_slave_1 left promiscuous mode
[   77.285645][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.367808][    T9] device bridge_slave_0 left promiscuous mode
[   77.369949][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.528725][    T9] device veth1_macvtap left promiscuous mode
[   77.530779][    T9] device veth0_macvtap left promiscuous mode
[   77.532610][    T9] device veth1_vlan left promiscuous mode
[   77.534417][    T9] device veth0_vlan left promiscuous mode
[   78.774970][    T9] team0 (unregistering): Port device team_slave_1 removed
[   78.795961][    T9] team0 (unregistering): Port device team_slave_0 removed
[   78.811668][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   78.883718][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   79.016862][    T9] bond0 (unregistering): Released all slaves
[   79.097377][ T4303] device veth0_macvtap entered promiscuous mode
[   79.113667][ T4036] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   79.116262][ T4036] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   79.130011][ T4036] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   79.132693][ T4036] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   79.142428][ T4303] device veth1_macvtap entered promiscuous mode
[   79.157963][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.197180][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.207351][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.281989][ T4615] netlink: 8 bytes leftover after parsing attributes in process `syz.2.122'.
[   79.284711][ T4615] netlink: 8 bytes leftover after parsing attributes in process `syz.2.122'.
[   79.307524][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.313794][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.327800][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.340322][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   79.351232][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   79.374312][ T4303] batman_adv: batadv0: Interface activated: batadv_slave_0
[   79.385796][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   79.388457][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   79.391282][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   79.414468][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.339678][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.348804][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.358560][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.370950][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.382677][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.391258][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.400648][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.409500][ T4303] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.432742][ T4303] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.537425][ T4303] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.555743][ T4303] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.563241][ T4303] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.439613][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   81.442506][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   81.523734][ T4644] netlink: 12 bytes leftover after parsing attributes in process `syz.2.125'.
[   81.798103][ T4264] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.800348][ T4264] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.824813][ T4658] udc-core: couldn't find an available UDC or it's busy
[   81.826736][ T4658] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[   81.827018][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   81.884994][  T338] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.887258][  T338] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.891631][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   81.928751][ T4663] netlink: 4 bytes leftover after parsing attributes in process `syz.1.130'.
[   81.936543][ T4661] netlink: 4 bytes leftover after parsing attributes in process `syz.3.129'.
[   83.395186][ T4689] loop0: detected capacity change from 0 to 64
[   83.514025][ T4689] hfs: unable to locate alternate MDB
[   83.516220][ T4689] hfs: continuing without an alternate MDB
[   83.867159][ T4704] loop3: detected capacity change from 0 to 512
[   84.197665][ T4077] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   84.341513][ T4704] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   84.377675][ T4704] EXT4-fs (loop3): invalid journal inode
[   84.452060][ T4716] process 'syz.2.143' launched './file1' with NULL argv: empty string added
[   84.798299][ T4077] usb 1-1: Using ep0 maxpacket: 8
[   84.829600][ T4720] loop4: detected capacity change from 0 to 8192
[   85.767702][ T4077] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   85.775267][ T4720] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
[   85.777655][ T4720] REISERFS (device loop4): using ordered data mode
[   85.780216][ T4720] reiserfs: using flush barriers
[   85.782481][ T4720] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   85.787193][ T4720] REISERFS (device loop4): checking transaction log (loop4)
[   85.792223][ T4720] REISERFS (device loop4): Using r5 hash to sort names
[   85.794189][ T4720] REISERFS (device loop4): using 3.5.x disk format
[   85.798966][ T4720] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[   86.488287][ T4077] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.40
[   86.490586][ T4077] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.492740][ T4077] usb 1-1: Product: syz
[   86.493958][ T4077] usb 1-1: Manufacturer: syz
[   86.598421][ T4077] usb 1-1: can't set config #1, error -71
[   86.615642][ T4077] usb 1-1: USB disconnect, device number 2
[   86.952027][ T4749] netlink: 4 bytes leftover after parsing attributes in process `syz.1.154'.
[   88.263548][ T4764] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD
[   88.385819][ T4764] netlink: 'syz.1.157': attribute type 1 has an invalid length.
[   88.387831][ T4764] netlink: 105116 bytes leftover after parsing attributes in process `syz.1.157'.
[   90.668723][ T4785] loop1: detected capacity change from 0 to 2048
[   90.734582][ T4788] netlink: 36 bytes leftover after parsing attributes in process `syz.3.163'.
[   90.945285][ T4785] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   91.275511][ T4799] binder: 4794:4799 ioctl 400c620e 0 returned -14
[   91.302578][ T4799] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   91.879991][ T4794] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   92.008601][ T4798] netlink: 4 bytes leftover after parsing attributes in process `syz.2.167'.
[   92.312069][ T4815] syz.2.171 uses obsolete (PF_INET,SOCK_PACKET)
[   92.374539][ T4813] loop1: detected capacity change from 0 to 1024
[   92.483658][ T4813] EXT4-fs (loop1): filesystem is read-only
[   92.485329][ T4813] EXT4-fs (loop1): #clusters per group too big: 8193
[   92.495689][ T4821] netlink: 44 bytes leftover after parsing attributes in process `syz.3.173'.
[   92.564862][ T4822] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   92.564862][ T4822] The task syz.3.173 (4822) triggered the difference, watch for misbehavior.
[   92.575793][ T4822] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   92.635210][ T4822] loop3: detected capacity change from 0 to 736
[   92.775159][ T4822] rock: directory entry would overflow storage
[   92.781647][ T4822] rock: sig=0x3b10, size=4, remaining=3
[   92.854530][ T4827] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[   93.114089][ T4831] loop1: detected capacity change from 0 to 256
[   94.060139][ T4839] netlink: 'syz.1.178': attribute type 24 has an invalid length.
[   94.205834][ T4843] loop2: detected capacity change from 0 to 8
[   94.485894][ T4843] SQUASHFS error: Failed to read block 0x730: -5
[   94.487658][ T4843] SQUASHFS error: Unable to read metadata cache entry [72e]
[   96.950097][ T4853] netlink: 12 bytes leftover after parsing attributes in process `syz.1.183'.
[   97.013059][ T4861] loop4: detected capacity change from 0 to 256
[   97.019480][ T4855] netlink: 4 bytes leftover after parsing attributes in process `syz.2.182'.
[   97.112969][ T4861] FAT-fs (loop4): codepage cp946 not found
[   97.574848][ T4878] binder: 4877:4878 tried to acquire reference to desc 0, got 1 instead
[   97.580637][ T4878] binder: 4877:4878 Release 1 refcount change on invalid ref 0 ret -22
[   97.583814][ T4878] binder: 4878 RLIMIT_NICE not set
[   97.585537][ T4878] binder: 4878 RLIMIT_NICE not set
[   97.590079][ T4878] udc-core: couldn't find an available UDC or it's busy
[   97.592100][ T4878] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[   98.654981][    T7] binder: release 4877:4878 transaction 5 out, still active
[   98.657227][    T7] binder: undelivered TRANSACTION_COMPLETE
[   98.792503][ T4891] netlink: 'syz.0.193': attribute type 4 has an invalid length.
[   98.891353][ T4885] netlink: 24 bytes leftover after parsing attributes in process `syz.3.194'.
[   98.927589][ T4895] loop1: detected capacity change from 0 to 256
[   99.833455][ T4079] binder: release 4877:4878 transaction 5 in, still active
[   99.835918][ T4079] binder: send failed reply for transaction 5, target dead
[  100.085907][   T26] audit: type=1326 audit(100.020:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4894 comm="syz.1.197" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3514e68 code=0x0
[  100.499420][ T4903] netlink: 4 bytes leftover after parsing attributes in process `syz.4.198'.
[  100.559444][ T4907] loop2: detected capacity change from 0 to 8
[  100.623204][ T4909] loop0: detected capacity change from 0 to 1024
[  100.646847][ T4909] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsv1,bsddf,barrier=0x0000000000000000,norecovery,debug_want_extra_isize=0x0000000000000080,min_batch_time=0x0000000000000006,nodelalloc,acl,noinit_itable,,errors=continue. Quota mode: none.
[  100.677849][  T227] block nbd0: Attempted send on invalid socket
[  100.682039][  T227] blk_update_request: I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0
[  100.917130][ T4919] netlink: 28 bytes leftover after parsing attributes in process `syz.0.200'.
[  100.975544][ T4926] Zero length message leads to an empty skb
[  101.150712][ T4929] loop4: detected capacity change from 0 to 256
[  101.242119][ T4929] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  101.405199][ T4929] exFAT-fs (loop4): hint_cluster is invalid (1)
[  101.407580][ T4929] exFAT-fs (loop4): error, invalid access to exfat cache (entry 0x00000000)
[  101.411949][ T4929] exFAT-fs (loop4): Filesystem has been set read-only
[  101.412921][ T4933] netlink: 4 bytes leftover after parsing attributes in process `syz.1.205'.
[  101.414099][ T4929] exFAT-fs (loop4): error, failed to bmap (inode : 00000000576a1586 iblock : 9, err : -5)
[  101.440714][ T4929] exFAT-fs (loop4): error, tried to truncate zeroed cluster.
[  101.442647][ T4929] exFAT-fs (loop4): error, tried to truncate zeroed cluster.
[  101.589957][ T4929] exFAT-fs (loop4): error, invalid access to exfat cache (entry 0x00000000)
[  101.592400][ T4929] exFAT-fs (loop4): error, failed to bmap (inode : 00000000576a1586 iblock : 0, err : -5)
[  101.595047][ T4929] exFAT-fs (loop4): error, invalid access to exfat cache (entry 0x00000000)
[  101.597359][ T4929] exFAT-fs (loop4): error, failed to bmap (inode : 00000000576a1586 iblock : 1, err : -5)
[  101.631922][ T4929] exFAT-fs (loop4): error, invalid access to exfat cache (entry 0x00000000)
[  101.634244][ T4929] exFAT-fs (loop4): error, failed to bmap (inode : 00000000576a1586 iblock : 2, err : -5)
[  102.446411][ T4950] xt_hashlimit: invalid interval
[  102.737923][ T4958] netlink: 4 bytes leftover after parsing attributes in process `syz.3.213'.
[  102.941542][ T4969] loop1: detected capacity change from 0 to 256
[  103.016247][   T26] audit: type=1326 audit(102.950:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4972 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9fe1e68 code=0x7ffc0000
[  103.112616][   T26] audit: type=1326 audit(102.950:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4972 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=47 compat=0 ip=0xffffa9fe1e68 code=0x7ffc0000
[  103.159564][   T26] audit: type=1326 audit(102.950:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4972 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9fe1e68 code=0x7ffc0000
[  103.395136][   T26] audit: type=1326 audit(102.950:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4972 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=41 compat=0 ip=0xffffa9fe1e68 code=0x7ffc0000
[  103.466793][   T26] audit: type=1326 audit(102.960:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4972 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9fe1e68 code=0x7ffc0000
[  103.517951][   T26] audit: type=1326 audit(102.960:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4972 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffa9fe1e68 code=0x7ffc0000
[  103.564656][   T26] audit: type=1326 audit(102.960:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4972 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9fe1e68 code=0x7ffc0000
[  103.660560][   T26] audit: type=1326 audit(102.960:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4972 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffffa9fe1e68 code=0x7ffc0000
[  103.666764][   T26] audit: type=1326 audit(102.960:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4972 comm="syz.4.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9fe1e68 code=0x7ffc0000
[  103.928641][ T4988] loop4: detected capacity change from 0 to 8
[  104.240906][ T4988] SQUASHFS error: Failed to read block 0x730: -5
[  104.242643][ T4988] SQUASHFS error: Unable to read metadata cache entry [72e]
[  106.288830][ T4996] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  106.696804][ T4996] ipt_REJECT: ECHOREPLY no longer supported.
[  106.822361][ T5000] loop1: detected capacity change from 0 to 128
[  108.101058][ T5006] netlink: 16 bytes leftover after parsing attributes in process `syz.4.226'.
[  108.138856][ T5006] 9pnet: Insufficient options for proto=fd
[  108.185076][ T5009] netlink: 20 bytes leftover after parsing attributes in process `syz.1.227'.
[  108.220478][ T5009] netlink: 8 bytes leftover after parsing attributes in process `syz.1.227'.
[  108.340531][ T5012] netlink: 4 bytes leftover after parsing attributes in process `syz.4.228'.
[  109.759213][ T5030] netlink: 4 bytes leftover after parsing attributes in process `syz.2.234'.
[  109.999847][ T5041] loop4: detected capacity change from 0 to 128
[  110.011650][ T5038] loop3: detected capacity change from 0 to 512
[  110.048794][ T5038] =======================================================
[  110.048794][ T5038] WARNING: The mand mount option has been deprecated and
[  110.048794][ T5038]          and is ignored by this kernel. Remove the mand
[  110.048794][ T5038]          option from the mount to silence this warning.
[  110.048794][ T5038] =======================================================
[  110.078401][ T5038] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  110.109719][ T5042] netlink: 20 bytes leftover after parsing attributes in process `syz.1.237'.
[  110.286878][ T5047] loop0: detected capacity change from 0 to 8
[  113.190524][ T5049] loop2: detected capacity change from 0 to 2048
[  114.502144][ T5047] SQUASHFS error: Failed to read block 0x730: -5
[  114.504101][ T5047] SQUASHFS error: Unable to read metadata cache entry [72e]
[  114.800795][ T5038] EXT4-fs: error -4 creating inode table initialization thread
[  114.810958][ T5038] EXT4-fs (loop3): mount failed
[  114.974598][ T5055] netlink: 4 bytes leftover after parsing attributes in process `syz.1.240'.
[  115.529643][ T5063] netlink: 24 bytes leftover after parsing attributes in process `syz.0.242'.
[  115.783431][ T5076] sch_tbf: burst 8 is lower than device lo mtu (65550) !
[  117.225211][ T5090] loop1: detected capacity change from 0 to 4096
[  117.295133][ T5090] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[  117.308607][ T5090] ntfs3: loop1: This driver is compiled without CONFIG_NTFS3_64BIT_CLUSTER (like windows driver).
[  117.308607][ T5090] Volume contains 64 bits run: vcn 0, lcn ffffffffffffff03, len 80.
[  117.308607][ T5090] Activate CONFIG_NTFS3_64BIT_CLUSTER to process this case
[  117.316009][ T5090] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  117.319733][ T5090] ntfs3: loop1: Failed to load $LogFile.
[  117.323627][ T5091] netlink: 4 bytes leftover after parsing attributes in process `syz.0.249'.
[  117.341252][ T5094] loop2: detected capacity change from 0 to 256
[  117.431861][ T5094] FAT-fs (loop2): Unrecognized mount option "shoŠtname=mixed" or missing value
[  118.139427][ T5096] netlink: 165 bytes leftover after parsing attributes in process `syz.2.250'.
[  118.675462][ T5100] loop2: detected capacity change from 0 to 128
[  120.430911][ T5111] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  120.783138][ T5114] loop1: detected capacity change from 0 to 8
[  122.281275][ T5114] SQUASHFS error: Failed to read block 0x730: -5
[  122.282942][ T5114] SQUASHFS error: Unable to read metadata cache entry [72e]
[  123.452639][ T5122] loop0: detected capacity change from 0 to 2048
[  124.288916][ T5122] EXT4-fs (loop0): mounted filesystem without journal. Opts: noquota,,errors=continue. Quota mode: none.
[  124.316699][ T5127] netlink: 4 bytes leftover after parsing attributes in process `syz.1.256'.
[  126.464463][ T5164] loop1: detected capacity change from 0 to 256
[  126.499101][ T5164] FAT-fs (loop1): Unrecognized mount option "shoŠtname=mixed" or missing value
[  126.530579][ T5149] chnl_net:caif_netlink_parms(): no params data found
[  126.537357][ T5158] bridge0: port 3(vlan2) entered blocking state
[  126.543665][ T5158] bridge0: port 3(vlan2) entered disabled state
[  126.563231][ T5160] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  126.676453][ T5149] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.678793][ T5149] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.681778][ T5149] device bridge_slave_0 entered promiscuous mode
[  126.685613][ T5149] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.687533][ T5149] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.691233][ T5149] device bridge_slave_1 entered promiscuous mode
[  126.708320][ T5149] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  126.713290][ T5149] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  126.730787][ T5149] team0: Port device team_slave_0 added
[  126.735810][ T5149] team0: Port device team_slave_1 added
[  126.750625][ T5149] batman_adv: batadv0: Adding interface: batadv_slave_0
[  126.752510][ T5149] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.759897][ T5149] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  126.764438][ T5149] batman_adv: batadv0: Adding interface: batadv_slave_1
[  126.766284][ T5149] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.775132][ T5149] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  127.254253][ T5172] netlink: 165 bytes leftover after parsing attributes in process `syz.1.267'.
[  128.078228][ T5180] loop0: detected capacity change from 0 to 8
[  129.261183][ T4122] Bluetooth: hci5: command 0x0409 tx timeout
[  129.263100][ T4122] Bluetooth: hci6: command 0x0409 tx timeout
[  129.281865][ T5180] SQUASHFS error: Failed to read block 0x730: -5
[  129.283443][ T5180] SQUASHFS error: Unable to read metadata cache entry [72e]
[  129.906527][ T5188] netlink: 4 bytes leftover after parsing attributes in process `syz.2.271'.
[  130.865835][ T4710] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.916386][ T4710] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.030793][ T5149] device hsr_slave_0 entered promiscuous mode
[  131.068757][ T5149] device hsr_slave_1 entered promiscuous mode
[  131.099415][ T2057] ieee802154 phy0 wpan0: encryption failed: -22
[  131.101149][ T2057] ieee802154 phy1 wpan1: encryption failed: -22
[  131.110477][ T5149] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  131.112482][ T5149] Cannot create hsr debugfs directory
[  131.123582][ T4710] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.145164][ T5144] chnl_net:caif_netlink_parms(): no params data found
[  131.202943][ T4710] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.235686][ T5144] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.237836][ T5144] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.240816][ T5144] device bridge_slave_0 entered promiscuous mode
[  131.250755][ T5144] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.252889][ T5144] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.255739][ T5144] device bridge_slave_1 entered promiscuous mode
[  131.279704][ T5144] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  131.284699][ T5144] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  131.301865][ T5144] team0: Port device team_slave_0 added
[  131.305804][ T5144] team0: Port device team_slave_1 added
[  131.320246][ T5144] batman_adv: batadv0: Adding interface: batadv_slave_0
[  131.322077][ T5144] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  131.329249][ T5144] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  131.333500][ T5144] batman_adv: batadv0: Adding interface: batadv_slave_1
[  131.335970][ T5144] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  131.343317][ T3322] Bluetooth: hci6: command 0x041b tx timeout
[  131.344387][ T5144] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  131.345007][ T3322] Bluetooth: hci5: command 0x041b tx timeout
[  131.430469][ T5144] device hsr_slave_0 entered promiscuous mode
[  131.469243][ T5144] device hsr_slave_1 entered promiscuous mode
[  131.508483][ T5144] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  131.510534][ T5144] Cannot create hsr debugfs directory
[  131.561800][ T5149] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.606989][ T5149] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.915201][ T5149] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.318968][ T5225] tmpfs: Unknown parameter 'grpquota'
[  133.324990][ T5149] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  133.397637][ T5225] sp0: Synchronizing with TNC
[  133.418616][ T5225] tmpfs: Bad value for 'nr_inodes'
[  133.429894][ T4122] Bluetooth: hci5: command 0x040f tx timeout
[  133.431646][ T4122] Bluetooth: hci6: command 0x040f tx timeout
[  133.433913][ T5230] udc-core: couldn't find an available UDC or it's busy
[  133.435814][ T5230] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  133.521954][ T4023] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  134.801519][ T5234] loop1: detected capacity change from 0 to 32768
[  134.828242][ T4023] usb 1-1: Using ep0 maxpacket: 16
[  134.882955][ T5234] XFS (loop1): Mounting V5 Filesystem
[  134.939322][ T5234] XFS (loop1): Ending clean mount
[  134.946756][ T5234] XFS (loop1): Quotacheck needed: Please wait.
[  134.953848][ T4023] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.957245][ T4023] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  134.967565][ T4023] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  134.979001][ T4023] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.026594][ T4023] usb 1-1: config 0 descriptor??
[  135.040333][ T5234] XFS (loop1): Quotacheck: Done.
[  135.162955][ T5260] netlink: 24 bytes leftover after parsing attributes in process `syz.2.280'.
[  135.303121][ T5144] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  135.306548][ T5268] loop2: detected capacity change from 0 to 512
[  135.340602][ T5144] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  135.361433][ T5268] EXT4-fs (loop2): Unrecognized mount option "subj_type=\#+" or missing value
[  135.392114][ T5144] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  135.445165][ T5144] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  135.498607][ T4067] Bluetooth: hci6: command 0x0419 tx timeout
[  135.504712][ T4067] Bluetooth: hci5: command 0x0419 tx timeout
[  135.615622][ T5149] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  135.661287][ T5149] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  136.729977][ T5149] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  136.732067][ T4030] XFS (loop1): Unmounting Filesystem
[  136.748303][ T5286] loop2: detected capacity change from 0 to 40427
[  136.788391][ T4023] usbhid 1-1:0.0: can't add hid device: -71
[  136.790244][ T4023] usbhid: probe of 1-1:0.0 failed with error -71
[  136.793580][ T4023] usb 1-1: USB disconnect, device number 3
[  136.841906][ T5149] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  136.846040][ T5286] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  136.848371][ T5286] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  136.867935][ T5286] F2FS-fs (loop2): invalid crc value
[  136.892011][ T5286] F2FS-fs (loop2): Found nat_bits in checkpoint
[  137.471142][ T5286] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  137.473573][ T5286] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  137.748925][ T5299] loop0: detected capacity change from 0 to 512
[  137.882115][ T5144] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.911293][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  137.913848][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  137.919553][ T5299] EXT4-fs (loop0): Mount option "noacl" will be removed by 3.5
[  137.919553][ T5299] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  137.919553][ T5299] 
[  137.920473][ T5144] 8021q: adding VLAN 0 to HW filter on device team0
[  137.969391][ T5299] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  137.998636][ T5299] EXT4-fs (loop0): 1 truncate cleaned up
[  138.000132][ T5299] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  138.237100][ T5317] loop1: detected capacity change from 0 to 512
[  138.314219][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  138.316883][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  138.320081][ T4023] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.321930][ T4023] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.324381][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  138.393514][ T5319] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[  139.268388][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  139.268874][ T5317] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #15: comm syz.1.282: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  139.270971][ T4023] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.275742][ T5317] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.282: couldn't read orphan inode 15 (err -117)
[  139.277120][ T4023] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.298959][ T5317] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  139.319850][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  139.339030][ T5149] 8021q: adding VLAN 0 to HW filter on device bond0
[  139.370260][ T5323] sctp: [Deprecated]: syz.2.286 (pid 5323) Use of int in maxseg socket option.
[  139.370260][ T5323] Use struct sctp_assoc_value instead
[  139.447249][ T5322] netlink: 8 bytes leftover after parsing attributes in process `syz.2.286'.
[  139.585690][ T3322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  139.588563][ T3322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  139.591451][ T3322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  139.595789][ T3322] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  139.614803][ T3322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  141.094364][ T3322] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  141.094894][ T3322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  141.095345][ T3322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  141.095781][ T3322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  141.096205][ T3322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  141.130914][ T4710] device hsr_slave_0 left promiscuous mode
[  141.187354][ T4710] device hsr_slave_1 left promiscuous mode
[  141.335075][ T5334] loop0: detected capacity change from 0 to 512
[  141.388379][ T4710] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  141.390358][ T4710] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.905091][ T4710] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.915485][ T4710] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.019755][ T5334] EXT4-fs (loop0): 1 orphan inode deleted
[  143.027895][ T5334] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  143.045862][ T4710] device bridge_slave_1 left promiscuous mode
[  143.047589][ T4710] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.125830][ T4710] device bridge_slave_0 left promiscuous mode
[  143.127515][ T4710] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.224876][ T5334] input: syz1 as /devices/virtual/input/input2
[  143.375428][ T4710] device veth1_macvtap left promiscuous mode
[  143.377100][ T4710] device veth0_macvtap left promiscuous mode
[  143.380695][ T4710] device veth1_vlan left promiscuous mode
[  143.382283][ T4710] device veth0_vlan left promiscuous mode
[  143.407100][ T5364] loop1: detected capacity change from 0 to 760
[  143.437039][ T5367] netlink: 104 bytes leftover after parsing attributes in process `syz.2.291'.
[  144.764883][ T5424] udc-core: couldn't find an available UDC or it's busy
[  144.766783][ T5424] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  144.768377][ T5422] loop1: detected capacity change from 0 to 256
[  144.779991][ T5422] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  144.797388][ T5422] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  144.859743][ T5422] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  144.861823][ T5422] UDF-fs: Scanning with blocksize 512 failed
[  144.873904][ T5422] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  144.895389][ T5422] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  145.354118][ T4710] team0 (unregistering): Port device team_slave_1 removed
[  145.366908][ T4710] team0 (unregistering): Port device team_slave_0 removed
[  145.381604][ T4710] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  145.435946][ T4710] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  145.597385][ T4710] bond0 (unregistering): Released all slaves
[  145.696239][ T5144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  145.703932][ T3322] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  145.706703][ T3322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  145.709934][ T3322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  145.715052][ T5149] 8021q: adding VLAN 0 to HW filter on device team0
[  145.720910][ T5434] netlink: 16 bytes leftover after parsing attributes in process `syz.1.297'.
[  145.727357][ T5438] device bond0 entered promiscuous mode
[  145.730006][ T5438] device bond_slave_0 entered promiscuous mode
[  145.731743][ T5438] device bond_slave_1 entered promiscuous mode
[  145.734104][ T5438] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  145.768903][ T5438] device bond0 left promiscuous mode
[  145.770502][ T5438] device bond_slave_0 left promiscuous mode
[  145.772147][ T5438] device bond_slave_1 left promiscuous mode
[  145.858299][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  145.861358][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  145.863896][ T4077] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.865901][ T4077] bridge0: port 1(bridge_slave_0) entered forwarding state
[  145.875476][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  145.882047][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  145.887982][ T4077] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.889972][ T4077] bridge0: port 2(bridge_slave_1) entered forwarding state
[  145.895686][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  145.927600][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  145.930738][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  145.933549][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  145.957497][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  145.970740][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  145.977039][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  145.991215][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  145.993772][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  145.996472][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  146.001884][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  146.004712][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  146.014988][ T5144] 8021q: adding VLAN 0 to HW filter on device batadv0
[  146.022717][ T5149] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  146.025598][ T5446] tun0: tun_chr_ioctl cmd 1074025692
[  146.032328][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  146.034465][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  146.187807][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  146.190451][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  146.213026][ T5149] 8021q: adding VLAN 0 to HW filter on device batadv0
[  146.237770][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  146.240915][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  146.252907][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  146.255691][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  146.260285][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  146.281779][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  146.292916][ T5149] device veth0_vlan entered promiscuous mode
[  146.323545][ T5149] device veth1_vlan entered promiscuous mode
[  146.349845][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  146.352428][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  146.355049][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  146.516984][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  146.535693][ T5149] device veth0_macvtap entered promiscuous mode
[  146.552076][ T5149] device veth1_macvtap entered promiscuous mode
[  146.570048][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  146.572530][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  146.575188][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  147.500405][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  147.518348][ T5149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.524859][ T5149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.527786][ T5149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.531266][ T5149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.534013][ T5149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.536914][ T5149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.540286][ T5149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  147.543244][ T5149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.551301][ T5149] batman_adv: batadv0: Interface activated: batadv_slave_0
[  147.557899][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  147.560820][ T4070] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  147.561965][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  147.570464][ T5144] device veth0_vlan entered promiscuous mode
[  147.573897][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  147.577632][ T4077] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  147.592271][ T5149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.599843][ T5149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.602516][ T5149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.605359][ T5149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.608034][ T5149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.631514][ T5149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.634163][ T5149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  147.636908][ T5149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  147.659753][ T5149] batman_adv: batadv0: Interface activated: batadv_slave_1
[  147.690463][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  147.692921][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  147.695352][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  147.698034][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  147.705957][ T5149] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  147.711947][ T5149] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  147.718823][ T5149] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  147.723212][ T5470] binder: 5469:5470 ioctl 9408 0 returned -22
[  147.736494][ T5149] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  147.762931][ T5472] binder: 5471:5472 Acquire 1 refcount change on invalid ref 0 ret -22
[  147.802621][ T5144] device veth1_vlan entered promiscuous mode
[  147.893287][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  147.895831][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  147.901734][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  147.904372][ T4067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  147.909840][ T5144] device veth0_macvtap entered promiscuous mode
[  147.914462][ T5144] device veth1_macvtap entered promiscuous mode
[  147.977508][  T153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  147.983649][  T153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  147.992322][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  147.995018][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  147.997455][ T4023] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  148.016207][ T5144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.032277][ T5144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.072396][ T5144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.075199][ T5144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.077656][ T5144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.109052][ T5144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.122403][ T5144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.125462][ T5144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  148.970687][ T5144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  148.973483][ T5144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.028645][ T5144] batman_adv: batadv0: Interface activated: batadv_slave_0
[  149.032809][ T5144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.035478][ T5144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.037978][ T5144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.071920][ T5144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.078845][ T5144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.081550][ T5144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.104624][ T5144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.117861][ T5144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.137690][ T5144] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  149.148207][ T5144] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  149.148720][ T5477] loop0: detected capacity change from 0 to 32768
[  149.160881][ T5144] batman_adv: batadv0: Interface activated: batadv_slave_1
[  149.190922][ T4122] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  149.193726][ T4122] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  149.196547][ T4122] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  149.214696][ T4122] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  149.221391][ T5144] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  149.223697][ T5144] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  149.225999][ T5144] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  149.265987][ T5144] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  149.283638][ T5477] XFS (loop0): Mounting V5 Filesystem
[  149.309723][ T4108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.312938][ T4108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.324461][ T1535] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  149.555268][ T5477] XFS (loop0): Ending clean mount
[  149.557928][ T5477] XFS (loop0): Quotacheck needed: Please wait.
[  149.604299][ T5477] XFS (loop0): Quotacheck: Done.
[  149.614499][ T4264] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.628336][ T4264] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.638033][ T4122] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  149.690721][ T5497] netlink: 4 bytes leftover after parsing attributes in process `syz.3.263'.
[  149.728617][ T4844] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  149.731012][ T4844] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  149.753990][ T4122] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  150.704212][ T4303] XFS (loop0): Unmounting Filesystem
[  150.728805][ T4070] usb 1-1: unable to get BOS descriptor or descriptor too short
[  150.735574][ T5509] loop3: detected capacity change from 0 to 8192
[  150.799822][ T4070] usb 1-1: unable to read config index 0 descriptor/start: -71
[  150.801912][ T4070] usb 1-1: can't read configurations, error -71
[  151.005929][ T5515] loop4: detected capacity change from 0 to 2048
[  151.420855][ T5520] netlink: 48 bytes leftover after parsing attributes in process `syz.3.313'.
[  151.511836][ T5518] loop4: detected capacity change from 0 to 128
[  151.586916][ T5518] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  151.601080][ T5518] UDF-fs: error (device loop4): udf_read_inode: (ino 93) failed !bh
[  151.603360][ T5518] UDF-fs: Scanning with blocksize 512 failed
[  151.613566][ T5518] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  151.638738][ T5518] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  151.641420][ T5518] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  151.643590][ T5518] UDF-fs: Scanning with blocksize 1024 failed
[  151.687644][ T5518] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  151.709577][ T5518] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  151.712266][ T5518] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  151.714981][ T5518] UDF-fs: Scanning with blocksize 2048 failed
[  151.744118][ T5518] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  151.754557][ T5518] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  151.757227][ T5518] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  151.760262][ T5526] loop0: detected capacity change from 0 to 4096
[  151.766642][ T5518] UDF-fs: Scanning with blocksize 4096 failed
[  151.772267][ T5518] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1)
[  151.970090][ T5530] IPv6: ADDRCONF(NETDEV_CHANGE): rose0: link becomes ready
[  152.532919][ T5537] loop4: detected capacity change from 0 to 512
[  152.632707][ T5537] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #15: comm syz.4.318: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  152.640352][ T5537] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.318: couldn't read orphan inode 15 (err -117)
[  152.669608][ T5537] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  152.685826][ T5541] netlink: 4 bytes leftover after parsing attributes in process `syz.1.319'.
[  152.759001][ T5530] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  153.026139][ T5552] netlink: 4 bytes leftover after parsing attributes in process `syz.2.323'.
[  153.835563][ T5571] loop4: detected capacity change from 0 to 512
[  153.929273][ T5571] EXT4-fs (loop4): Mount option "noacl" will be removed by 3.5
[  153.929273][ T5571] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  153.929273][ T5571] 
[  153.934302][ T5576] loop3: detected capacity change from 0 to 512
[  153.944111][ T5571] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  153.957902][ T5571] EXT4-fs (loop4): 1 truncate cleaned up
[  153.963950][ T5571] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota=,min_batch_time=0x0000000000000001,noload,nombcache,usrjquota="init_itable=0x0000000000000601,noacl,data_err=abort,,errors=continue. Quota mode: writeback.
[  153.983762][ T5576] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  154.001885][ T5576] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  154.006150][ T5564] device batadv0 entered promiscuous mode
[  154.009031][ T5563] device batadv0 left promiscuous mode
[  154.009819][ T5576] System zones: 1-12
[  154.012384][ T5576] EXT4-fs (loop3): orphan cleanup on readonly fs
[  154.014001][ T5576] EXT4-fs error (device loop3): ext4_read_inode_bitmap:168: comm syz.3.328: Inode bitmap for bg 0 marked uninitialized
[  154.108751][ T5576] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  154.307317][ T5585] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[  155.292793][ T5590] loop1: detected capacity change from 0 to 128
[  155.352462][ T5576] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  155.353226][ T5590] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  155.417909][ T5590] UDF-fs: error (device loop1): udf_read_inode: (ino 93) failed !bh
[  155.427295][ T5590] UDF-fs: Scanning with blocksize 512 failed
[  155.436297][ T5590] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  155.442084][ T5590] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  155.445054][ T5590] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  155.447412][ T5590] UDF-fs: Scanning with blocksize 1024 failed
[  155.450518][ T5590] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  155.453865][ T5590] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  155.456931][ T5590] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  155.465868][ T5590] UDF-fs: Scanning with blocksize 2048 failed
[  155.470049][ T5590] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  155.474541][ T5590] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  155.480135][ T5590] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  155.484344][ T5590] UDF-fs: Scanning with blocksize 4096 failed
[  155.485986][ T5590] UDF-fs: warning (device loop1): udf_fill_super: No partition found (1)
[  156.726677][ T5603] udc-core: couldn't find an available UDC or it's busy
[  156.732579][ T5603] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  156.785353][ T5603] loop3: detected capacity change from 0 to 512
[  156.846258][ T5605] netlink: 4 bytes leftover after parsing attributes in process `syz.0.336'.
[  156.854400][ T5603] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  157.362971][ T5611] netlink: 76 bytes leftover after parsing attributes in process `syz.3.334'.
[  157.468944][   T26] kauditd_printk_skb: 63 callbacks suppressed
[  157.469052][   T26] audit: type=1326 audit(157.060:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5600 comm="syz.1.335" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3514e68 code=0x7fc00000
[  157.892271][ T4070] Bluetooth: hci0: command 0x0c20 tx timeout
[  157.904808][   T26] audit: type=1326 audit(157.840:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5600 comm="syz.1.335" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffffa350c9cc code=0x7fc00000
[  157.915409][   T26] audit: type=1326 audit(157.840:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5600 comm="syz.1.335" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffa360487c code=0x7fc00000
[  157.981692][ T5615] loop0: detected capacity change from 0 to 512
[  157.996966][ T5615] EXT4-fs error (device loop0): ext4_ext_check_inode:501: inode #15: comm syz.0.337: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  158.017856][ T5615] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.337: couldn't read orphan inode 15 (err -117)
[  158.039754][ T5615] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  158.060141][ T5618] netlink: 20 bytes leftover after parsing attributes in process `syz.4.338'.
[  160.226274][ T5642] loop2: detected capacity change from 0 to 4096
[  160.296757][ T5642] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
[  160.313672][ T5642] ntfs3: loop2: This driver is compiled without CONFIG_NTFS3_64BIT_CLUSTER (like windows driver).
[  160.313672][ T5642] Volume contains 64 bits run: vcn 0, lcn ffffffffffffff03, len 80.
[  160.313672][ T5642] Activate CONFIG_NTFS3_64BIT_CLUSTER to process this case
[  160.320797][ T5642] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  160.327989][ T5642] ntfs3: loop2: Failed to load $LogFile.
[  160.420608][ T5644] netlink: 12 bytes leftover after parsing attributes in process `syz.1.345'.
[  160.423003][ T5644] device bridge_slave_1 left promiscuous mode
[  160.460243][ T5644] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.494084][ T5644] device bridge_slave_0 left promiscuous mode
[  160.495821][ T5644] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.651093][ T5650] loop0: detected capacity change from 0 to 128
[  160.758417][ T5650] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  160.793638][ T5650] UDF-fs: error (device loop0): udf_read_inode: (ino 93) failed !bh
[  160.798529][ T5650] UDF-fs: Scanning with blocksize 512 failed
[  160.881500][ T5650] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  160.885679][ T5650] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  160.890189][ T5650] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  160.895761][ T5650] UDF-fs: Scanning with blocksize 1024 failed
[  160.907351][ T5650] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  160.932968][ T5650] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  160.950499][ T5650] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  160.963971][ T5650] UDF-fs: Scanning with blocksize 2048 failed
[  160.966264][ T5650] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  160.971989][ T5650] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  160.974494][ T5650] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  160.976493][ T5650] UDF-fs: Scanning with blocksize 4096 failed
[  160.982985][ T5650] UDF-fs: warning (device loop0): udf_fill_super: No partition found (1)
[  161.214059][   T26] audit: type=1326 audit(161.150:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5651 comm="syz.3.344" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffabe68e68 code=0x0
[  161.958019][ T5673] netlink: 20 bytes leftover after parsing attributes in process `syz.0.350'.
[  163.745299][ T4710] device hsr_slave_0 left promiscuous mode
[  163.780329][ T4710] device hsr_slave_1 left promiscuous mode
[  164.038522][ T4710] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  164.040704][ T4710] batman_adv: batadv0: Removing interface: batadv_slave_0
[  164.043540][ T4710] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  164.045518][ T4710] batman_adv: batadv0: Removing interface: batadv_slave_1
[  164.053811][ T4710] device hsr0 left promiscuous mode
[  164.055293][ T4710] bridge0: port 3(hsr0) entered disabled state
[  164.902289][ T4710] device bridge_slave_1 left promiscuous mode
[  164.904149][ T4710] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.984069][ T4710] device bridge_slave_0 left promiscuous mode
[  164.986118][ T4710] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.009982][ T4710] device veth1_macvtap left promiscuous mode
[  166.011748][ T4710] device veth0_macvtap left promiscuous mode
[  166.013399][ T4710] device veth1_vlan left promiscuous mode
[  166.014937][ T4710] device veth0_vlan left promiscuous mode
[  166.408868][ T4710] team0 (unregistering): Port device team_slave_1 removed
[  166.419853][ T4710] team0 (unregistering): Port device team_slave_0 removed
[  166.436143][ T4710] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  166.471111][ T5706] loop4: detected capacity change from 0 to 256
[  166.495177][ T4710] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  166.696017][ T5708] loop1: detected capacity change from 0 to 512
[  166.743037][ T5708] EXT4-fs (loop1): Ignoring removed nobh option
[  166.744686][ T5708] EXT4-fs (loop1): Journaled quota options ignored when QUOTA feature is enabled
[  166.765391][ T4710] bond0 (unregistering): Released all slaves
[  166.790562][ T5708] EXT4-fs (loop1): 1 orphan inode deleted
[  166.792107][ T5708] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nodiscard,noquota,resuid=0x0000000000000000,errors=remount-ro,nobh,sysvgroups,delalloc,usrjquota=./file1,. Quota mode: writeback.
[  168.205768][ T5721] loop1: detected capacity change from 0 to 256
[  169.782884][ T4036] Bluetooth: hci1: command 0x0406 tx timeout
[  169.784577][ T4036] Bluetooth: hci2: command 0x0406 tx timeout
[  169.819033][ T5721] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  171.064190][ T5732] netlink: 20 bytes leftover after parsing attributes in process `syz.3.367'.
[  171.205860][ T5745] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  173.432840][ T5752] Invalid ELF header magic: != ELF
[  174.073433][ T5765] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  174.075583][ T5765] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  174.100985][ T5765] vhci_hcd vhci_hcd.0: Device attached
[  174.175648][ T5775] netlink: 4 bytes leftover after parsing attributes in process `syz.3.376'.
[  174.246331][ T5768] vhci_hcd: connection closed
[  174.253109][ T4832] vhci_hcd: stop threads
[  174.256691][ T4832] vhci_hcd: release socket
[  174.258774][ T4832] vhci_hcd: disconnect device
[  174.298485][ T1982] vhci_hcd: vhci_device speed not set
[  175.054789][ T5764] loop1: detected capacity change from 0 to 32768
[  177.283759][ T5792] netlink: 20 bytes leftover after parsing attributes in process `syz.3.381'.
[  177.339541][ T5791] tipc: Started in network mode
[  177.340828][ T5791] tipc: Node identity ac1414aa, cluster identity 4711
[  177.342646][ T5791] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  177.356874][ T5798] tmpfs: Bad value for 'mpol'
[  177.374358][ T5794] loop2: detected capacity change from 0 to 8192
[  177.455494][ T5802] udc-core: couldn't find an available UDC or it's busy
[  177.476442][ T5802] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  177.555933][ T5808] loop1: detected capacity change from 0 to 512
[  177.641837][ T5803] netlink: 12 bytes leftover after parsing attributes in process `syz.0.384'.
[  177.644403][ T5803] device bridge_slave_1 left promiscuous mode
[  177.646264][ T5803] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.761124][ T5803] device bridge_slave_0 left promiscuous mode
[  177.763018][ T5803] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.781119][ T5808] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  179.533707][ T5831] netlink: 4 bytes leftover after parsing attributes in process `syz.4.392'.
[  179.741478][ T5841] ip6t_rpfilter: unknown options
[  180.887553][ T5847] netlink: 20 bytes leftover after parsing attributes in process `syz.1.397'.
[  181.986849][ T5857] loop3: detected capacity change from 0 to 2048
[  182.152370][ T5859] hub 6-0:1.0: USB hub found
[  182.156290][ T5859] hub 6-0:1.0: 8 ports detected
[  182.854790][ T5857] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  182.877513][ T5862] netlink: 4 bytes leftover after parsing attributes in process `syz.4.400'.
[  182.880229][ T5857] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  185.270907][ T5876] loop4: detected capacity change from 0 to 164
[  185.288927][ T5880] netlink: 4 bytes leftover after parsing attributes in process `syz.2.405'.
[  185.507602][ T5885] loop3: detected capacity change from 0 to 4096
[  185.514569][ T5888] binder: 5887:5888 ERROR: BC_REGISTER_LOOPER called without request
[  185.517043][ T5888] binder: 5888 RLIMIT_NICE not set
[  185.522935][   T26] audit: type=1326 audit(185.460:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.1.406" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3514e68 code=0x7fc00000
[  185.529348][   T26] audit: type=1326 audit(185.460:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.1.406" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=277 compat=0 ip=0xffffa3514e68 code=0x7fc00000
[  185.535559][ T5890] loop4: detected capacity change from 0 to 256
[  185.573721][ T5891] binder: 5887:5891 tried to acquire reference to desc 0, got 1 instead
[  185.578788][ T5888] binder: 5888 RLIMIT_NICE not set
[  185.592823][ T5890] FAT-fs (loop4): Directory bread(block 64) failed
[  185.594651][ T5890] FAT-fs (loop4): Directory bread(block 65) failed
[  185.613570][ T5888] loop2: detected capacity change from 0 to 512
[  185.623900][ T5890] FAT-fs (loop4): Directory bread(block 66) failed
[  185.625724][ T5890] FAT-fs (loop4): Directory bread(block 67) failed
[  185.627601][ T5890] FAT-fs (loop4): Directory bread(block 68) failed
[  185.654694][ T5890] FAT-fs (loop4): Directory bread(block 69) failed
[  185.656601][ T5890] FAT-fs (loop4): Directory bread(block 70) failed
[  185.664140][ T5890] FAT-fs (loop4): Directory bread(block 71) failed
[  185.679353][ T5890] FAT-fs (loop4): Directory bread(block 72) failed
[  185.688857][ T5890] FAT-fs (loop4): Directory bread(block 73) failed
[  185.715145][ T5888] EXT4-fs (loop2): mounted filesystem without journal. Opts: usrquota,nobarrier,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  185.742967][ T5885] netlink: 12 bytes leftover after parsing attributes in process `syz.3.407'.
[  185.750050][ T5885] 9pnet: Insufficient options for proto=fd
[  185.774905][ T5149] ntfs3: loop3: failed to convert "0080" to maciceland
[  185.776930][ T5149] ntfs3: loop3: failed to convert name for inode 1e.
[  185.814586][ T5149] ntfs3: loop3: failed to convert "0080" to maciceland
[  185.816479][ T5149] ntfs3: loop3: failed to convert name for inode 1e.
[  185.937397][ T4122] binder: release 5887:5891 transaction 15 out, still active
[  185.939460][ T4122] binder: undelivered TRANSACTION_COMPLETE
[  185.986229][ T4122] binder: release 5887:5888 transaction 15 in, still active
[  186.000152][ T4122] binder: send failed reply for transaction 15, target dead
[  186.978727][   T26] audit: type=1326 audit(186.920:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5881 comm="syz.1.406" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3514e68 code=0x7fc00000
[  187.054565][ T5899] loop1: detected capacity change from 0 to 8
[  187.092523][ T5899] squashfs image failed sanity check
[  187.160023][ T5900] netlink: 20 bytes leftover after parsing attributes in process `syz.2.411'.
[  189.070243][   T26] audit: type=1326 audit(189.010:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5905 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d634e68 code=0x7fc00000
[  189.079638][   T26] audit: type=1326 audit(189.010:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5905 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=4 compat=0 ip=0xffff8d634e68 code=0x7fc00000
[  189.085482][   T26] audit: type=1326 audit(189.010:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5905 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d634e68 code=0x7fc00000
[  189.123487][   T26] audit: type=1326 audit(189.010:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5905 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d634e68 code=0x7fc00000
[  189.151108][ T5916] netlink: 4 bytes leftover after parsing attributes in process `syz.1.418'.
[  189.157551][   T26] audit: type=1326 audit(189.010:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5905 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d634e68 code=0x7fc00000
[  189.186551][   T26] audit: type=1326 audit(189.010:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5905 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d634e68 code=0x7fc00000
[  189.216809][   T26] audit: type=1326 audit(189.010:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5905 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8d634e68 code=0x7fc00000
[  189.360101][ T5915] netlink: 'syz.0.417': attribute type 2 has an invalid length.
[  189.362304][ T5915] netlink: 66060 bytes leftover after parsing attributes in process `syz.0.417'.
[  189.503535][ T4069] Bluetooth: hci0: command 0x0406 tx timeout
[  190.129320][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  190.171035][ T5925] MPTCP: addr_signal error, rm_addr=1
[  190.283792][ T5927] chnl_net:caif_netlink_parms(): no params data found
[  191.360080][ T5927] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.362153][ T5927] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.366487][ T5927] device bridge_slave_0 entered promiscuous mode
[  191.408147][ T5927] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.435820][ T5927] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.445341][ T5927] device bridge_slave_1 entered promiscuous mode
[  191.500533][ T5948] netlink: 4 bytes leftover after parsing attributes in process `syz.2.426'.
[  191.530640][ T5927] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  191.535491][ T5927] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.616996][ T5927] team0: Port device team_slave_0 added
[  192.461401][ T1982] Bluetooth: hci3: command 0x0409 tx timeout
[  192.483461][ T5927] team0: Port device team_slave_1 added
[  192.540655][ T2057] ieee802154 phy0 wpan0: encryption failed: -22
[  192.542384][ T2057] ieee802154 phy1 wpan1: encryption failed: -22
[  192.747490][ T5927] batman_adv: batadv0: Adding interface: batadv_slave_0
[  192.753698][ T5927] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  193.158592][ T5927] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  193.649595][ T5927] batman_adv: batadv0: Adding interface: batadv_slave_1
[  193.651504][ T5927] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  193.680041][ T5967] netlink: 4 bytes leftover after parsing attributes in process `syz.4.430'.
[  193.718341][ T5927] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  193.929973][   T26] kauditd_printk_skb: 60 callbacks suppressed
[  193.930116][   T26] audit: type=1400 audit(193.820:149): apparmor="DENIED" operation="stack" info="label not found" error=-2 profile="unconfined" name=3A090EA3680EB06A1A5FD3F7614EFCD31267A0590DD509A5EFFE069ABB05AD3352B3AC017439E1DBC66F4DF20C0741B02DB717F35BBBCD4A734DE1F70C73C07EDA77D9616BE3DD1E63E92055FE373A94F022B1F018E4B2A80C8DE7F63E446A7147 pid=5970 comm="syz.1.432"
[  194.090291][ T5927] device hsr_slave_0 entered promiscuous mode
[  194.148600][ T5927] device hsr_slave_1 entered promiscuous mode
[  194.218354][ T5927] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  194.220481][ T5927] Cannot create hsr debugfs directory
[  194.480852][ T5927] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.538236][ T5693] Bluetooth: hci3: command 0x041b tx timeout
[  194.676986][ T5927] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.459081][ T5978] loop4: detected capacity change from 0 to 32768
[  195.498568][ T5927] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.596435][ T5927] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.007167][ T6001] loop4: detected capacity change from 0 to 512
[  196.047165][ T5927] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  196.222309][ T6004] netlink: 4 bytes leftover after parsing attributes in process `syz.0.441'.
[  196.327743][ T6007] netlink: 4 bytes leftover after parsing attributes in process `syz.4.442'.
[  196.332855][ T5927] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  196.402515][ T5927] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  196.463757][ T5927] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  196.618448][ T4071] Bluetooth: hci3: command 0x040f tx timeout
[  196.661998][ T6016] netlink: 4 bytes leftover after parsing attributes in process `syz.0.452'.
[  197.633859][ T5927] 8021q: adding VLAN 0 to HW filter on device bond0
[  197.729377][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  197.732809][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  197.743118][ T5927] 8021q: adding VLAN 0 to HW filter on device team0
[  197.774220][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  197.777006][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  197.780320][ T4069] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.782115][ T4069] bridge0: port 1(bridge_slave_0) entered forwarding state
[  197.825562][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  197.829079][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  197.831853][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  197.834448][ T4069] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.836536][ T4069] bridge0: port 2(bridge_slave_1) entered forwarding state
[  197.872498][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  197.875372][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  197.942540][ T6031] netlink: 'syz.1.446': attribute type 1 has an invalid length.
[  197.952598][ T4079] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  197.955106][ T6031] netlink: 100 bytes leftover after parsing attributes in process `syz.1.446'.
[  197.956009][ T4079] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  197.993575][ T4079] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  197.996420][ T4079] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  198.011960][ T4079] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  198.014671][ T4079] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  198.045329][ T4079] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  198.054893][ T4079] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  198.065881][ T4079] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  198.085083][ T5927] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  198.315358][ T6041] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  198.322627][ T6041] loop4: detected capacity change from 0 to 8
[  198.418367][ T6041] unable to read xattr id index table
[  198.586861][ T5927] 8021q: adding VLAN 0 to HW filter on device batadv0
[  198.595993][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  198.599198][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  198.648690][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  198.651694][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  198.696604][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  198.699798][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  198.703053][ T4069] Bluetooth: hci3: command 0x0419 tx timeout
[  198.704979][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  198.711056][ T4069] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  198.763741][ T5927] device veth0_vlan entered promiscuous mode
[  198.832581][ T5927] device veth1_vlan entered promiscuous mode
[  198.915235][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  198.918026][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  198.937418][ T5927] device veth0_macvtap entered promiscuous mode
[  198.963100][ T5927] device veth1_macvtap entered promiscuous mode
[  199.017231][ T6054] netlink: 4 bytes leftover after parsing attributes in process `syz.4.453'.
[  199.084976][ T4710] device hsr_slave_0 left promiscuous mode
[  199.119472][ T4710] device hsr_slave_1 left promiscuous mode
[  199.198358][ T4710] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  199.200398][ T4710] batman_adv: batadv0: Removing interface: batadv_slave_0
[  199.203116][ T4710] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  199.205017][ T4710] batman_adv: batadv0: Removing interface: batadv_slave_1
[  199.219242][ T4710] device bridge_slave_1 left promiscuous mode
[  199.221061][ T4710] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.279310][ T4710] device bridge_slave_0 left promiscuous mode
[  199.281207][ T4710] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.410079][ T4710] device veth1_macvtap left promiscuous mode
[  199.411790][ T4710] device veth0_macvtap left promiscuous mode
[  199.413457][ T4710] device veth1_vlan left promiscuous mode
[  199.415123][ T4710] device veth0_vlan left promiscuous mode
[  200.036695][ T4710] team0 (unregistering): Port device team_slave_1 removed
[  200.067251][ T4710] team0 (unregistering): Port device team_slave_0 removed
[  200.091674][ T4710] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  200.148821][ T4710] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  200.365594][ T4710] bond0 (unregistering): Released all slaves
[  200.492880][ T6052] netlink: 52 bytes leftover after parsing attributes in process `syz.1.451'.
[  200.500236][   T26] audit: type=1326 audit(200.440:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6063 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7fc00000
[  200.509475][ T5693] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  200.512625][ T5693] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  200.535198][   T26] audit: type=1326 audit(200.440:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6063 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=277 compat=0 ip=0xffffa3607e68 code=0x7fc00000
[  200.550944][ T5927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.553748][ T5927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.556344][ T5927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.574936][ T5927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.577817][ T5927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.585255][ T5927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.592732][ T5927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.597199][ T5927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.606851][ T5927] batman_adv: batadv0: Interface activated: batadv_slave_0
[  200.635694][ T5693] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  200.640545][ T5693] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  200.650721][ T5927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.653590][ T5927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.656221][ T5927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.671091][ T5927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.673775][ T5927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.676597][ T5927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.685367][ T5927] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.693249][ T5927] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.705212][ T5927] batman_adv: batadv0: Interface activated: batadv_slave_1
[  200.707753][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  200.716050][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  200.726210][ T5927] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.733749][ T5927] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.736088][ T5927] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.758124][ T5927] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.871675][ T4672] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.874149][ T4672] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.880295][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  200.913228][ T4672] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.915681][ T4672] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.922065][ T4071] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  200.979305][ T6069] loop4: detected capacity change from 0 to 256
[  201.026961][ T6069] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  201.152355][ T6070] netlink: 4 bytes leftover after parsing attributes in process `syz.1.465'.
[  201.208691][   T26] audit: type=1326 audit(201.150:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6063 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7fc00000
[  201.214873][   T26] audit: type=1326 audit(201.150:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6063 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=175 compat=0 ip=0xffffa3607e68 code=0x7fc00000
[  201.997849][   T26] audit: type=1326 audit(201.150:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6063 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7fc00000
[  202.088001][   T26] audit: type=1326 audit(201.150:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6063 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7fc00000
[  202.108212][   T26] audit: type=1326 audit(201.150:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6063 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7fc00000
[  202.118419][   T26] audit: type=1326 audit(201.150:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6063 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7fc00000
[  202.124144][   T26] audit: type=1326 audit(201.150:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6063 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7fc00000
[  202.148165][   T26] audit: type=1326 audit(201.150:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6063 comm="syz.0.455" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7fc00000
[  202.239226][ T6083] netlink: 4 bytes leftover after parsing attributes in process `syz.3.457'.
[  203.949873][ T6102] netlink: 'syz.4.462': attribute type 1 has an invalid length.
[  203.951919][ T6102] netlink: 100 bytes leftover after parsing attributes in process `syz.4.462'.
[  203.977735][ T6101] loop1: detected capacity change from 0 to 2048
[  204.032292][ T6101] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  204.040276][ T6101] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  204.130535][ T6101] delete_channel: no stack
[  204.935717][ T6117] hub 6-0:1.0: USB hub found
[  204.939600][ T6117] hub 6-0:1.0: 8 ports detected
[  207.153184][ T6130] netlink: 4 bytes leftover after parsing attributes in process `syz.4.471'.
[  207.523895][ T6137] loop1: detected capacity change from 0 to 2048
[  207.664073][ T6142] netlink: 4 bytes leftover after parsing attributes in process `syz.4.476'.
[  207.686074][ T6137] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  207.693130][ T6137] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  211.853915][ T6165] loop4: detected capacity change from 0 to 32768
[  212.002098][ T6165] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.481 (6165)
[  212.830833][ T6165] BTRFS info (device loop4): using sha256 (sha256-ce) checksum algorithm
[  212.836616][ T6165] BTRFS info (device loop4): using free space tree
[  212.852258][ T6165] BTRFS info (device loop4): has skinny extents
[  212.964945][ T6182] loop2: detected capacity change from 0 to 512
[  212.982504][ T6169] loop3: detected capacity change from 0 to 32768
[  213.043277][ T6197] netlink: 4 bytes leftover after parsing attributes in process `syz.1.486'.
[  213.046240][ T6182] EXT4-fs (loop2): Ignoring removed nobh option
[  213.052999][ T6182] EXT4-fs (loop2): Journaled quota options ignored when QUOTA feature is enabled
[  213.161912][ T6165] BTRFS info (device loop4): enabling ssd optimizations
[  213.162885][ T6182] EXT4-fs (loop2): 1 orphan inode deleted
[  213.165504][ T6182] EXT4-fs (loop2): mounted filesystem without journal. Opts: i_version,nodiscard,noquota,resuid=0x0000000000000000,errors=remount-ro,nobh,sysvgroups,delalloc,usrjquota=./file1,. Quota mode: writeback.
[  213.406589][ T6165] BTRFS info (device loop4): balance: start -sconvert=raid0,profiles=data|system|metadata|single|raid10|raid1|dup|raid0|raid5|raid6|raid1c3|raid1c4|0xfffefffffffff800,usage=562949953421312,usage=0..131072,devid=0,vrange=0..0,limit=0
[  214.154089][ T6214] netlink: 4 bytes leftover after parsing attributes in process `syz.0.489'.
[  214.215643][ T6165] BTRFS info (device loop4): balance: ended with status: 0
[  216.637587][ T6238] netlink: 24 bytes leftover after parsing attributes in process `syz.1.502'.
[  216.680025][ T6242] loop2: detected capacity change from 0 to 512
[  216.746796][ T6245] udc-core: couldn't find an available UDC or it's busy
[  216.748850][ T6245] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  217.153587][ T6246] hub 6-0:1.0: USB hub found
[  217.156916][ T6246] hub 6-0:1.0: 8 ports detected
[  217.758090][ T6242] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  217.950052][ T6249] udc-core: couldn't find an available UDC or it's busy
[  217.951814][ T6249] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  220.592358][ T6271] netlink: 4 bytes leftover after parsing attributes in process `syz.3.501'.
[  223.677394][ T6288] netlink: 4 bytes leftover after parsing attributes in process `syz.1.506'.
[  224.835978][ T6305] loop4: detected capacity change from 0 to 512
[  224.911896][ T6283] mmap: syz.2.515 (6283) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  225.053121][ T6314] loop1: detected capacity change from 0 to 512
[  225.070701][ T6305] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  225.272343][ T6314] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[  225.803646][ T6314] afs: Bad value for 'source'
[  226.107728][ T6330] tmpfs: Unknown parameter 'fscontext'
[  226.437835][ T6337] netlink: 12 bytes leftover after parsing attributes in process `syz.2.516'.
[  229.606275][ T6349] netlink: 8 bytes leftover after parsing attributes in process `syz.1.519'.
[  231.022854][ T6356] netlink: 4 bytes leftover after parsing attributes in process `syz.4.524'.
[  233.161468][ T6375] loop3: detected capacity change from 0 to 512
[  234.700030][ T6385] netlink: 4 bytes leftover after parsing attributes in process `syz.2.531'.
[  234.763047][ T6375] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  239.161010][ T6408] loop1: detected capacity change from 0 to 512
[  239.413486][   T26] kauditd_printk_skb: 94 callbacks suppressed
[  239.413498][   T26] audit: type=1326 audit(239.349:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6423 comm="syz.0.541" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7ffc0000
[  239.429043][ T6408] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:163: inode #12: comm syz.1.537: inline data xattr refers to an external xattr inode
[  239.921039][   T26] audit: type=1326 audit(239.369:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6423 comm="syz.0.541" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=0 compat=0 ip=0xffffa3607e68 code=0x7ffc0000
[  240.045189][ T6408] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.537: couldn't read orphan inode 12 (err -117)
[  240.153405][ T6408] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000200000,data_err=ignore,usrquota,resuid=0x0000000000000000,quota,debug_want_extra_isize=0x0000000000000008,usrjquota=,resgid=0x0000000000000000,nodiscard,,errors=continue. Quota mode: writeback.
[  240.161254][ T4029] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  240.164452][   T26] audit: type=1326 audit(239.369:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6423 comm="syz.0.541" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7ffc0000
[  240.198846][   T26] audit: type=1326 audit(239.369:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6423 comm="syz.0.541" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7ffc0000
[  240.235230][   T26] audit: type=1326 audit(240.059:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6423 comm="syz.0.541" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=64 compat=0 ip=0xffffa36065a0 code=0x7ffc0000
[  240.278167][   T26] audit: type=1326 audit(240.059:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6423 comm="syz.0.541" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7ffc0000
[  240.315135][   T26] audit: type=1326 audit(240.059:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6423 comm="syz.0.541" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7ffc0000
[  240.349805][   T26] audit: type=1326 audit(240.089:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6423 comm="syz.0.541" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffa3607e68 code=0x7ffc0000
[  240.374334][   T26] audit: type=1326 audit(240.089:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6423 comm="syz.0.541" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7ffc0000
[  240.387197][   T26] audit: type=1326 audit(240.089:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6423 comm="syz.0.541" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa3607e68 code=0x7ffc0000
[  240.639071][ T6438] xt_ecn: cannot match TCP bits for non-tcp packets
[  240.813946][ T6443] loop1: detected capacity change from 0 to 1024
[  241.665272][ T6443] EXT4-fs (loop1): INFO: recovery required on readonly filesystem
[  241.667472][ T6443] EXT4-fs (loop1): write access will be enabled during recovery
[  241.672820][ T6443] JBD2: no valid journal superblock found
[  241.674423][ T6443] EXT4-fs (loop1): error loading journal
[  242.285439][ T6446] udc-core: couldn't find an available UDC or it's busy
[  242.287388][ T6446] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  242.430843][ T6451] loop2: detected capacity change from 0 to 512
[  242.506667][ T6451] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  242.512684][ T6451] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  242.549033][ T6451] EXT4-fs (loop2): 1 truncate cleaned up
[  242.550752][ T6451] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  243.080426][ T6464] capability: warning: `syz.1.549' uses 32-bit capabilities (legacy support in use)
[  243.083845][ T6465] EXT4-fs (loop2): Unrecognized mount option "ÿî§<< G4š¶mÿ±â½ÆuÆÌëê0º‰wÆ2ÝK×]<ýÌàÈŒÏð D|ÙÊÞÔ«öWgéÛ½{XA¨Î>´LqQÞ·¸ùχ
[  243.083845][ T6465] ðOÉQ±•Çý6ÿÛÐb" or missing value
[  244.629698][ T6468] loop1: detected capacity change from 0 to 512
[  244.819616][ T6468] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e018, mo2=0002]
[  244.821765][ T6468] System zones: 1-12
[  244.824142][ T6468] EXT4-fs warning (device loop1): ext4_block_to_path:107: block 27262975 > max in inode 13
[  244.827060][ T6468] EXT4-fs warning (device loop1): ext4_block_to_path:107: block 27262976 > max in inode 13
[  244.841327][ T6471] loop4: detected capacity change from 0 to 2048
[  244.848919][ T6468] EXT4-fs (loop1): 1 truncate cleaned up
[  244.850457][ T6468] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,nogrpid,,,errors=continue. Quota mode: none.
[  244.908523][ T6471]  loop4: p2 < >
[  244.914675][ T6468] EXT4-fs warning (device loop1): dx_probe:892: inode #2: comm syz.1.550: dx entry: limit 0 != root limit 125
[  244.945966][ T6468] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz.1.550: Corrupt directory, running e2fsck is recommended
[  245.089912][ T6468] netlink: 8 bytes leftover after parsing attributes in process `syz.1.550'.
[  245.099630][ T6468] EXT4-fs warning (device loop1): dx_probe:892: inode #2: comm syz.1.550: dx entry: limit 0 != root limit 125
[  245.123705][ T6468] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz.1.550: Corrupt directory, running e2fsck is recommended
[  245.350395][ T6480] netlink: 12 bytes leftover after parsing attributes in process `syz.3.553'.
[  247.817122][ T6453] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 361: padding at end of block bitmap is not set
[  247.878979][ T6468] EXT4-fs warning (device loop1): dx_probe:892: inode #2: comm syz.1.550: dx entry: limit 0 != root limit 125
[  247.898432][ T6468] EXT4-fs warning (device loop1): dx_probe:965: inode #2: comm syz.1.550: Corrupt directory, running e2fsck is recommended
[  248.012591][ T6468] EXT4-fs error (device loop1): ext4_find_dest_de:2112: inode #2: block 129: comm syz.1.550: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  250.560030][ T6503] netlink: 'syz.3.560': attribute type 1 has an invalid length.
[  250.562589][ T6503] netlink: 4 bytes leftover after parsing attributes in process `syz.3.560'.
[  250.631626][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  250.728041][ T6509] loop1: detected capacity change from 0 to 2048
[  250.757806][ T6513] loop4: detected capacity change from 0 to 8
[  251.674594][ T4077] Bluetooth: hci5: command 0x0406 tx timeout
[  251.715952][ T6513] SQUASHFS error: Unable to read inode 0x11f
[  251.738987][ T6517] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  252.104377][ T6509] NILFS (loop1): unrecognized mount option "æ"
[  254.193697][ T6531] loop3: detected capacity change from 0 to 1024
[  254.907748][ T2057] ieee802154 phy0 wpan0: encryption failed: -22
[  254.914334][ T2057] ieee802154 phy1 wpan1: encryption failed: -22
[  254.943188][ T6531] EXT4-fs (loop3): INFO: recovery required on readonly filesystem
[  254.945399][ T6531] EXT4-fs (loop3): write access will be enabled during recovery
[  254.948981][ T6531] JBD2: no valid journal superblock found
[  254.950605][ T6531] EXT4-fs (loop3): error loading journal
[  255.020978][ T6536] netlink: 12 bytes leftover after parsing attributes in process `syz.4.570'.
[  255.073706][ T6537] netlink: 28 bytes leftover after parsing attributes in process `syz.0.569'.
[  255.343665][ T6543] loop3: detected capacity change from 0 to 512
[  255.380216][ T6547] tipc: Cannot configure node identity twice
[  255.381891][ T6547] tipc: Cannot configure node identity twice
[  256.233211][ T6543] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  256.250732][ T6555] loop2: detected capacity change from 0 to 256
[  256.288993][ T6555] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  256.314188][ T6543] EXT4-fs (loop3): Cannot change journaled quota options when quota turned on
[  256.366533][ T6558] udc-core: couldn't find an available UDC or it's busy
[  256.368664][ T6558] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  256.481169][ T6560] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  259.950209][ T6571] loop3: detected capacity change from 0 to 32768
[  260.004498][ T4034] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  260.007293][ T4034] CPU: 1 PID: 4034 Comm: kworker/u5:5 Not tainted 5.15.164-syzkaller #0
[  260.009546][ T4034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  260.012150][ T4034] Workqueue: hci2 hci_rx_work
[  260.013398][ T4034] Call trace:
[  260.014346][ T4034]  dump_backtrace+0x0/0x530
[  260.015463][ T4034]  show_stack+0x2c/0x3c
[  260.016616][ T4034]  dump_stack_lvl+0x108/0x170
[  260.017944][ T4034]  dump_stack+0x1c/0x58
[  260.019038][ T4034]  sysfs_create_dir_ns+0x278/0x318
[  260.020377][ T4034]  kobject_add_internal+0x384/0x8f0
[  260.021647][ T4034]  kobject_add+0x14c/0x21c
[  260.022943][ T4034]  device_add+0x400/0xef4
[  260.024018][ T4034]  hci_conn_add_sysfs+0xc4/0x1cc
[  260.025299][ T4034]  le_conn_complete_evt+0x954/0x1228
[  260.026710][ T4034]  hci_le_meta_evt+0xa50/0x31c0
[  260.027972][ T4034]  hci_event_packet+0xd34/0x12b4
[  260.029251][ T4034]  hci_rx_work+0x1c0/0x7c4
[  260.030420][ T4034]  process_one_work+0x790/0x11b8
[  260.031710][ T4034]  worker_thread+0x910/0x1034
[  260.032953][ T4034]  kthread+0x37c/0x45c
[  260.034001][ T4034]  ret_from_fork+0x10/0x20
[  260.038275][ T4034] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  260.041638][ T4034] Bluetooth: hci2: failed to register connection device
[  260.243259][ T6571] XFS (loop3): Mounting V5 Filesystem
[  261.296317][ T6571] XFS (loop3): Ending clean mount
[  261.312494][ T6571] XFS (loop3): Quotacheck needed: Please wait.
[  261.439823][ T6571] XFS (loop3): Quotacheck: Done.
[  261.487681][ T5927] XFS (loop3): Unmounting Filesystem
[  265.386789][    T7] Bluetooth: hci2: command 0x2016 tx timeout
[  265.474296][ T6618] netlink: 16 bytes leftover after parsing attributes in process `syz.1.591'.
[  265.477653][ T6618] netlink: 16 bytes leftover after parsing attributes in process `syz.1.591'.
[  265.483124][ T6618] netlink: 4 bytes leftover after parsing attributes in process `syz.1.591'.
[  266.844106][ T6622] netlink: 12 bytes leftover after parsing attributes in process `syz.2.593'.
[  268.715750][ T6650] loop2: detected capacity change from 0 to 512
[  269.782121][ T6657] loop1: detected capacity change from 0 to 4096
[  269.823276][ T6650] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.600: bg 0: block 97: padding at end of block bitmap is not set
[  270.213667][ T6650] __quota_error: 22 callbacks suppressed
[  270.214213][ T6650] Quota error (device loop2): write_blk: dquota write failed
[  270.665793][ T6650] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  270.674099][ T6657] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[  270.689379][ T6650] EXT4-fs error (device loop2): ext4_acquire_dquot:6196: comm syz.2.600: Failed to acquire dquot type 0
[  270.719481][ T6659] loop4: detected capacity change from 0 to 8192
[  270.735023][ T6657] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  270.752658][ T6650] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2925: inode #15: comm syz.2.600: corrupted xattr block 19
[  270.760652][ T6650] EXT4-fs warning (device loop2): ext4_evict_inode:302: xattr delete (err -117)
[  270.773808][ T6650] EXT4-fs (loop2): 1 orphan inode deleted
[  270.787455][ T6650] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  270.805874][    T9] Quota error (device loop2): remove_tree: Getting block too big (0 >= 6)
[  270.808927][    T9] EXT4-fs error (device loop2): ext4_release_dquot:6219: comm kworker/u4:0: Failed to release dquot type 0
[  270.992310][ T6659] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
[  270.994901][ T6659] REISERFS (device loop4): using ordered data mode
[  270.996601][ T6659] reiserfs: using flush barriers
[  271.004277][ T6659] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  271.021016][ T6670] netlink: 1096 bytes leftover after parsing attributes in process `syz.0.605'.
[  271.060502][ T6650] bond0: option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  271.066864][ T6659] REISERFS (device loop4): checking transaction log (loop4)
[  271.127109][ T6659] REISERFS (device loop4): Using r5 hash to sort names
[  271.132686][ T6659] REISERFS (device loop4): using 3.5.x disk format
[  271.134562][ T6659] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  271.215048][ T6680] netlink: 9 bytes leftover after parsing attributes in process `syz.3.606'.
[  271.236122][ T6680] device gretap0 entered promiscuous mode
[  271.269265][ T4108] ntfs3: loop1: ntfs3_write_inode r=5 failed, -22.
[  271.272559][ T4030] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[  271.297277][ T6683] netlink: 5 bytes leftover after parsing attributes in process `syz.3.606'.
[  271.300869][ T6683] 0ªX¹¦D: renamed from gretap0
[  271.354025][ T6683] device 
30ªX¹¦D left promiscuous mode
[  271.371333][ T6683] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  271.384769][ T6685] overlayfs: overlapping lowerdir path
[  271.406469][ T6659] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 4 0(1) DIR], item_len 35, item_location 3685, free_space(entry_count) 2
[  271.432094][ T6659] REISERFS error (device loop4): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[  271.434715][ T6659] REISERFS (device loop4): Remounting filesystem read-only
[  271.436588][ T6659] REISERFS error (device loop4): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 4 0x0 SD] stat data
[  275.715812][ T6733] loop4: detected capacity change from 0 to 2048
[  277.561858][ T6726] ceph: No mds server is up or the cluster is laggy
[  278.703743][ T6747] netlink: 8 bytes leftover after parsing attributes in process `syz.0.623'.
[  278.804818][ T6753] netlink: 264 bytes leftover after parsing attributes in process `syz.4.627'.
[  278.807196][ T6753] netlink: 148 bytes leftover after parsing attributes in process `syz.4.627'.
[  278.842555][ T6753] loop4: detected capacity change from 0 to 64
[  280.413023][ T6758] loop1: detected capacity change from 0 to 512
[  281.201146][ T4067] Bluetooth: hci3: command 0x1407 tx timeout
[  281.204310][ T6758] FAT-fs (loop1): bogus logical sector size 0
[  281.205906][ T6758] FAT-fs (loop1): Can't find a valid FAT filesystem
[  282.764971][ T6790] netlink: 40 bytes leftover after parsing attributes in process `syz.0.636'.
[  284.337322][ T6798] loop2: detected capacity change from 0 to 8192
[  284.531216][ T6798] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  284.534276][ T6798] REISERFS (device loop2): using ordered data mode
[  284.536017][ T6798] reiserfs: using flush barriers
[  284.554534][ T6798] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  285.470734][ T6815] loop4: detected capacity change from 0 to 512
[  285.480334][ T6798] REISERFS (device loop2): checking transaction log (loop2)
[  285.496568][ T6815] FAT-fs (loop4): bogus logical sector size 0
[  285.498312][ T6815] FAT-fs (loop4): Can't find a valid FAT filesystem
[  285.527093][ T6798] REISERFS (device loop2): Using r5 hash to sort names
[  285.532591][ T6798] REISERFS (device loop2): using 3.5.x disk format
[  285.546658][ T6798] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  286.456606][ T6799] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 4 0(1) DIR], item_len 35, item_location 3685, free_space(entry_count) 2
[  286.464659][ T6799] REISERFS error (device loop2): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[  286.467533][ T6799] REISERFS (device loop2): Remounting filesystem read-only
[  286.473589][ T6799] REISERFS error (device loop2): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 4 0x0 SD] stat data
[  287.262172][ T6831] loop4: detected capacity change from 0 to 512
[  288.649736][ T6831] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  289.778554][ T6854] loop1: detected capacity change from 0 to 2048
[  289.908332][ T6854] EXT4-fs (loop1): Unrecognized mount option "fsname=smackfsfloor" or missing value
[  290.065966][ T6854] loop1: detected capacity change from 0 to 512
[  290.217861][ T6871] netlink: 4 bytes leftover after parsing attributes in process `syz.3.659'.
[  292.018248][ T6883] loop3: detected capacity change from 0 to 512
[  292.512336][ T6883] FAT-fs (loop3): bogus logical sector size 0
[  292.514158][ T6883] FAT-fs (loop3): Can't find a valid FAT filesystem
[  292.546421][ T6233] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  294.804740][ T6233] usb 1-1: device not accepting address 6, error -71
[  299.522959][ T6946] loop3: detected capacity change from 0 to 1024
[  299.920273][ T6946] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  mounting read-only.
[  299.937251][ T6945] hfsplus: found bad thread record in catalog
[  303.446365][ T6994] 
[  303.447045][ T6994] ============================================
[  303.448615][ T6994] WARNING: possible recursive locking detected
[  303.450199][ T6994] 5.15.164-syzkaller #0 Not tainted
[  303.451559][ T6994] --------------------------------------------
[  303.453234][ T6994] syz.3.687/6994 is trying to acquire lock:
[  303.454880][ T6994] ffff0000d7b17398 (_xmit_ETHER#2){+.-.}-{2:2}, at: sch_direct_xmit+0x15c/0x484
[  303.457425][ T6994] 
[  303.457425][ T6994] but task is already holding lock:
[  303.459356][ T6994] ffff0000c5da0498 (_xmit_ETHER#2){+.-.}-{2:2}, at: sch_direct_xmit+0x15c/0x484
[  303.461810][ T6994] 
[  303.461810][ T6994] other info that might help us debug this:
[  303.464018][ T6994]  Possible unsafe locking scenario:
[  303.464018][ T6994] 
[  303.466114][ T6994]        CPU0
[  303.467000][ T6994]        ----
[  303.467810][ T6994]   lock(_xmit_ETHER#2);
[  303.468925][ T6994]   lock(_xmit_ETHER#2);
[  303.470081][ T6994] 
[  303.470081][ T6994]  *** DEADLOCK ***
[  303.470081][ T6994] 
[  303.472233][ T6994]  May be due to missing lock nesting notation
[  303.472233][ T6994] 
[  303.474478][ T6994] 12 locks held by syz.3.687/6994:
[  303.475867][ T6994]  #0: ffff800014c91660 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c
[  303.478405][ T6994]  #1: ffff800014c916c0 (rcu_read_lock_bh){....}-{1:2}, at: rcu_lock_acquire+0x18/0x54
[  303.481193][ T6994]  #2: ffff800014c916c0 (rcu_read_lock_bh){....}-{1:2}, at: rcu_lock_acquire+0x18/0x54
[  303.483762][ T6994]  #3: ffff0000c17b4258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: qdisc_run_begin+0x130/0x2bc
[  303.487121][ T6994]  #4: ffff0000c5da0498 (_xmit_ETHER#2){+.-.}-{2:2}, at: sch_direct_xmit+0x15c/0x484
[  303.489723][ T6994]  #5: ffff0000d3206620 (k-slock-AF_INET6){+.-.}-{2:2}, at: icmpv6_xmit_lock+0x100/0x188
[  303.492362][ T6994]  #6: ffff800014c91660 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c
[  303.495029][ T6994]  #7: ffff800014c916c0 (rcu_read_lock_bh){....}-{1:2}, at: rcu_lock_acquire+0x18/0x54
[  303.497685][ T6994]  #8: ffff800014c91660 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c
[  303.500254][ T6994]  #9: ffff800014c916c0 (rcu_read_lock_bh){....}-{1:2}, at: rcu_lock_acquire+0x18/0x54
[  303.502930][ T6994]  #10: ffff800014c916c0 (rcu_read_lock_bh){....}-{1:2}, at: rcu_lock_acquire+0x18/0x54
[  303.505651][ T6994]  #11: ffff0000e3520258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: qdisc_run_begin+0x130/0x2bc
[  303.509030][ T6994] 
[  303.509030][ T6994] stack backtrace:
[  303.510568][ T6994] CPU: 0 PID: 6994 Comm: syz.3.687 Not tainted 5.15.164-syzkaller #0
[  303.512827][ T6994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  303.515556][ T6994] Call trace:
[  303.516436][ T6994]  dump_backtrace+0x0/0x530
[  303.517668][ T6994]  show_stack+0x2c/0x3c
[  303.518772][ T6994]  dump_stack_lvl+0x108/0x170
[  303.520031][ T6994]  dump_stack+0x1c/0x58
[  303.521144][ T6994]  __lock_acquire+0x62bc/0x7638
[  303.522521][ T6994]  lock_acquire+0x240/0x77c
[  303.523764][ T6994]  _raw_spin_lock+0xb0/0x10c
[  303.525022][ T6994]  sch_direct_xmit+0x15c/0x484
[  303.526323][ T6994]  __dev_queue_xmit+0x14b4/0x2a6c
[  303.527689][ T6994]  dev_queue_xmit+0x24/0x34
[  303.528920][ T6994]  ip6_finish_output2+0x1314/0x1c4c
[  303.530370][ T6994]  __ip6_finish_output+0x580/0x6ec
[  303.531763][ T6994]  ip6_finish_output+0x40/0x218
[  303.533048][ T6994]  ip6_output+0x274/0x594
[  303.534195][ T6994]  ndisc_send_skb+0xbf8/0x1788
[  303.535463][ T6994]  ndisc_send_ns+0x538/0x6ec
[  303.536790][ T6994]  ndisc_solicit+0x2f4/0x47c
[  303.538007][ T6994]  neigh_probe+0xc4/0x138
[  303.539253][ T6994]  __neigh_event_send+0xca4/0x1338
[  303.540601][ T6994]  neigh_resolve_output+0x178/0x5dc
[  303.542025][ T6994]  ip6_finish_output2+0x1348/0x1c4c
[  303.543353][ T6994]  __ip6_finish_output+0x580/0x6ec
[  303.544715][ T6994]  ip6_finish_output+0x40/0x218
[  303.546097][ T6994]  ip6_output+0x274/0x594
[  303.547289][ T6994]  ip6_local_out+0x120/0x160
[  303.548479][ T6994]  ip6_send_skb+0x118/0x428
[  303.549719][ T6994]  ip6_push_pending_frames+0xd0/0x118
[  303.551163][ T6994]  icmpv6_push_pending_frames+0x244/0x398
[  303.552659][ T6994]  icmp6_send+0x11a4/0x1b18
[  303.553858][ T6994]  ip6_link_failure+0x44/0x4a8
[  303.555145][ T6994]  dst_link_failure+0x11c/0x160
[  303.556435][ T6994]  ip_tunnel_xmit+0x16e0/0x2334
[  303.557733][ T6994]  erspan_xmit+0x9cc/0x14cc
[  303.558917][ T6994]  dev_hard_start_xmit+0x2bc/0x92c
[  303.560298][ T6994]  sch_direct_xmit+0x2e0/0x484
[  303.561653][ T6994]  __dev_queue_xmit+0x14b4/0x2a6c
[  303.563033][ T6994]  dev_queue_xmit+0x24/0x34
[  303.564272][ T6994]  neigh_resolve_output+0x52c/0x5dc
[  303.565657][ T6994]  ip6_finish_output2+0x1348/0x1c4c
[  303.567124][ T6994]  __ip6_finish_output+0x580/0x6ec
[  303.568476][ T6994]  ip6_finish_output+0x40/0x218
[  303.569786][ T6994]  ip6_output+0x274/0x594
[  303.570888][ T6994]  rawv6_send_hdrinc+0xd64/0x1c14
[  303.572220][ T6994]  rawv6_sendmsg+0x1074/0x1bcc
[  303.573487][ T6994]  inet_sendmsg+0x15c/0x290
[  303.574712][ T6994]  sock_write_iter+0x2b0/0x3f8
[  303.576022][ T6994]  vfs_write+0x884/0xb44
[  303.577208][ T6994]  ksys_write+0x15c/0x26c
[  303.578396][ T6994]  __arm64_sys_write+0x7c/0x90
[  303.579688][ T6994]  invoke_syscall+0x98/0x2b8
[  303.580922][ T6994]  el0_svc_common+0x138/0x258
[  303.582210][ T6994]  do_el0_svc+0x58/0x14c
[  303.583386][ T6994]  el0_svc+0x7c/0x1f0
[  303.584515][ T6994]  el0t_64_sync_handler+0x84/0xe4
[  303.585877][ T6994]  el0t_64_sync+0x1a0/0x1a4
[  312.378155][ T4077] Bluetooth: hci3: command 0x0406 tx timeout