last executing test programs:

8m6.001133711s ago: executing program 3 (id=268):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000005c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xe501, 0x3, 0x298, 0x128, 0x6affffff, 0x3403000b, 0x0, 0x7, 0x200, 0x230, 0x230, 0x200, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'bond_slave_1\x00', 'veth1_to_team\x00'}, 0x0, 0xe0, 0x128, 0x0, {0x1000000}, [@common=@unspec=@quota={{0x38}, {0x1, 0x0, 0x0, {0x3}}}, @common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x2, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x2f8)

7m56.027021685s ago: executing program 3 (id=288):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240)=<r1=>0x0)
connect$can_bcm(r0, &(0x7f0000000000), 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_submit(r1, 0x1, &(0x7f0000000100)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000200)="0500000093c21faf16da39de706f646800580f02000000003f420f000000000000580f02000300003f420f00000000000029ffffff000000", 0x20000238}])

7m53.686565283s ago: executing program 3 (id=297):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000001340)='pipefs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x80)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)

7m52.577727071s ago: executing program 3 (id=299):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100), 0x800000, &(0x7f0000004200)=ANY=[@ANYBLOB='huge=within_size'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x8, 0x12, r0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
ftruncate(r0, 0x472e)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
io_uring_setup(0x1b7b, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x20008084)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
wait4(r1, 0x0, 0x8, 0x0)
ptrace$poke(0x4, r1, &(0x7f00000011c0), 0xfffffffffffffffe)

7m52.410822046s ago: executing program 3 (id=301):
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
syz_open_procfs(0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x4b2dfe21750f744b, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmmsg(r1, &(0x7f0000001140), 0x700, 0x2, 0x0)

7m50.655675591s ago: executing program 3 (id=306):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0xffe6, 0xb}, {0xfff2, 0x3}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x0, 0xa}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x4048080)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@getqdisc={0x24, 0x25, 0x1, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {}, {0xfff1, 0xb}, {0xa, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0x1, 0xc5, 0xe23, 0x3, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)

7m49.528955381s ago: executing program 32 (id=306):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0xffe6, 0xb}, {0xfff2, 0x3}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x0, 0xa}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x850}, 0x4048080)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@getqdisc={0x24, 0x25, 0x1, 0x70bd2a, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {}, {0xfff1, 0xb}, {0xa, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0x1, 0xc5, 0xe23, 0x3, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)

7m5.42815363s ago: executing program 2 (id=436):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xf, 0xf}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000022c0)=@newtfilter={0x34, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0xffe0}, {}, {0x8, 0x6}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004400)=@getchain={0x24, 0x66, 0xfff1, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {0xe, 0xfff2}, {0x0, 0xfff1}, {0xffff, 0x1ffef}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x800)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r6)

7m3.055303991s ago: executing program 2 (id=444):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000240)="b00000001a007f029e78f6030f7a0a762353bfb89fd8c902317bab30f89f080aaaaeb9d8091c815dcf03e14e877733fff4fe20a5be870f576b162e7de2d02673e789a4950c9cdc206e086fd0dc8ca9afcd9d525146add31b7bc77c26d8982be29d889d1e35355848794ca3f8b38aef1e114ab9fbebe9c6609e64b1e5a3b0c81c6f8144e74fe12780ca46c1a6c04ad73c9d44b605f9000000000000000000", 0x9e}, {&(0x7f00000001c0)="68cabf2dfb58fc0af787a8ffff0200258f00", 0x12}], 0x2}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="5800000002060500000034e40000000002000000050001000600000005000400000000000900020073797a3100000500050005000a00000011000300686173683a69702c706f7274000000000c000780080008400000005f"], 0x58}}, 0x2)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000140), 0x8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x20, 0x9, &(0x7f00000003c0)=@framed={{}, [@cb_func={0x18, 0x1, 0x4, 0x0, 0xfffffffffffffff9}, @cb_func={0x18, 0x5, 0x4, 0x0, 0x1}, @alu={0x7, 0x1, 0x5, 0x0, 0xa, 0x18}, @call={0x85, 0x0, 0x0, 0x78}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002380)={r3, 0x0, 0x2d, 0x0, @val=@netfilter={0x2, 0x4, 0x64, 0x1}}, 0x20)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)={0x5c, 0x9, 0x6, 0x801, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0xe1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000040603000000000000000000010000080500010007000001"], 0x1c}, 0x1, 0x0, 0x0, 0xc0}, 0x20000814)
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f00000000c0)='io.pressure\x00', 0x2, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="280000001e00210000000000000000000700000005000000000004000a0002"], 0x28}}, 0x0)

6m58.109167649s ago: executing program 2 (id=455):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000001b80)='/proc/timer_list\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0x801c581f, 0x0)
chdir(0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
name_to_handle_at(0xffffffffffffffff, &(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000100)=@FILEID_NILFS_WITH_PARENT={0x20, 0x62, {0x7fffffff, 0x0, 0xffffffff, 0x5aa, 0xffffffffffffffff}}, 0x0, 0x200)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0)
pause()
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000b00)={0x84, &(0x7f0000001140)=ANY=[@ANYBLOB="000c04000000000000ddb21457a5ef94c0f5e6bd89eea5c39ac4fb68ccbeb87807682b50a61a869cc0b89536e415842074e668"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

6m56.984975428s ago: executing program 2 (id=459):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
keyctl$read(0xb, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r4, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc92b18236457ee3c8", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

6m55.489977001s ago: executing program 2 (id=461):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r0 = syz_clone(0x111, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x100809, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x180)
chdir(&(0x7f0000000000)='./file0\x00')
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r2 = socket$unix(0x1, 0x5, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r3, 0x0)
setpgid(r0, r0)
setpgid(0x0, r0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)

6m53.183330376s ago: executing program 2 (id=466):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r3, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)

6m37.034035117s ago: executing program 33 (id=466):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r3, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)

22.380375269s ago: executing program 6 (id=1449):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$inet6(0xa, 0x80003, 0xff)
setsockopt$inet6_int(r3, 0x29, 0x16, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80003, 0xff)
socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r4, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
close_range(r2, 0xffffffffffffffff, 0x0)

18.673308317s ago: executing program 0 (id=1459):
bind$packet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)={0x14, 0x35, 0x301, 0x70bd26, 0x25dfdbfe, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x1882}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
futex(0x0, 0x8, 0x82, 0x0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0xcc182, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000080))
gettid()
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000002700)={<r5=>0x0}, &(0x7f0000002740)=0xc)
shmctl$IPC_SET(0x0, 0x1, &(0x7f0000002780)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x98, 0x4}, 0x6, 0x401, 0x3, 0x7, r5, r0, 0x7})
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
dup3(r6, r7, 0x0)

16.059036778s ago: executing program 6 (id=1465):
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x80000c, &(0x7f00000000c0)=ANY=[@ANYBLOB="706172743d3078300002a27f9edc6b44d57ecc7d80c5ce0c6769643d", @ANYRESOCT, @ANYRES8, @ANYRES64=0x0, @ANYRESDEC, @ANYRES8=0x0, @ANYRES16, @ANYRESHEX=0x0, @ANYBLOB="4599"], 0x1, 0x702, &(0x7f0000000280)="$eJzs3UtoHOcdAPD/rFaPVcGREztOSyBLDGmpqC1ZKK16qVtK0SGUkB5yFrYcL17LQVKKbEqt9HHvIaee0oNuoYeS3g3tuSFQ0qOOgUIuOemmMrMzu7Pa1e7K1ivu72dm5pv5HvPNf16rXcwXwP+t5dmoPokklmff2krXd3cWmmM7C5N5djMiJiKiElGNSNJNyVpkuTfzKb4deU5p2eOjxtI7X3y9+2VrrZpPWfnKoHp9TPRu2s6nqEfEWL7sNX5Ii58e3H1Xe7cObW9USfsI04BdLQIXf36mVuGZ7ffYbud98u9s3i7Tp/pR7lvgnEpa781c51afiZiOiKmI1ls/fzpUTr+Hx2v7rDsAAAAAR1U7epUX9mIvtuLCSXQHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnlf5+P9JPlWKdD2SYvz/iXxb5OlzaPhAiJ9PtpZPTr4zAAAAAAAAAHDiXtuLvdiKC8X6fpL95v966Tf+b8UHsRGrsR7XYitWYjM2Yz3mI2Km1NDE1srm5vp8VjPi0oCaN+KzPjVvHN7Hm92ryXEcNwAAAAAAAACcY1ND8u+N9277XSx3fv8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDzIIkYay2y6VKRnolKNSKminLbEZ9FxMTZ9vZIkn4bn5x+PwAAAOCZTHWvJlMj1HnhcezFVlwo1ivTnfoxFR/EWmxGIzajGatxO/8bOv2rv7K7s9Dc3Vm4n0697f70qyN1PWsxWt899N/zK1mJWtyJRrblWtyKJPYzlbyVV3Z3FtLl/f79+jDtU/KT3IDejJXSt9PZlU+z9J+6v0WoHukQR3Sw0cqhJWey3PF2RObyvqU1LhYR6B+JoWenOnBP81Fpf/NzafCe+sf8w8F7nz5Qqu83N2fiYCRuRKV9hl4eHImI7/79k3fvNtfu3b2zMXt+Dqmvx0NLHIzEQikSV56jSAw3l0Xicnt9OX4Rv4rZ+Gry7ViPRvw6VmIzVutF/kp+PafzmcGR+ny6vPb2sJ6k92S9/fzq16d6dPUp6vHzLLUSr2fn9EI0IokHEbEab2b/bsR8+2nQOcOXR7jrKyM8aUuufi9btMMUtcPL/nW0Jo9LGteLpbiWn7kzWV55SydKL/aNUvGuG/19VFL9Tp5IW/j9wPfDaTsYiflSJF467HpphfQv++l8o7l2b/3uyvsj7u+NfJneR38c8JY4kdf0QOkZfjGm8oO7mM2T7J6ay/JeaveqiNd/GhHzWd6ldivdb9w073K7XutO/WU8iNtdd+oPYzEWYykr/XJWerznjZXmXWm31P0MT/PST1rV9g875c9bD6LZ+jwUsf2Nf2wDPM+mvz89Uftv7V+1j2t/qN2tvTX1s8kfTb46EeP/HP9xdW7sjcqryd/i4/ht5+9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6VUjYqXZXF3fePjoXm+i0j8r6Vu4lNgvBhIbUKYrkeRD5YxQONl4+Gh/aIODE5N5956y+nEmitEahxeun2A3ku2D52tq+LkoRnkaYRdJPkxl6dKKiKfuc7Hnzpbxcpl3x872nOaJ+pFr1XuOK08UF2yp8NGv3lq/8zV2yBNgyINj7BgePsCZur55//3rGw8f/aBxf+W91fdW18YXF5fmlhbfXLh+p9FcnWvNSxVOf1Q94ISUP060TUTEa8PrDhioFQAAAAAAAAAAADhBp/F/Ic76GAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBvtuXZqD6JJObnrs2l67s7C810KtKdktWIqERE8puI5B8RN6M1xUyW/Xjwfj5qLL3zxde7X3baSqdIWo1uJwOqDsrLbedT1CNiLF8+g672bg1vb6KTnOyTnbSPIg3Y1SJwcNb+FwAA//9Pw/Bb")
inotify_init1(0x400)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000340)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000013c0)={{0x14, 0x453, 0x1, 0x0, 0x0, {0x5}}, [], {0x14, 0x3f4}}, 0x28}, 0x1, 0x0, 0x0, 0x64841}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$sock_cred(r4, 0x1, 0x11, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000040)=@base={0x14, 0x1, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x200, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff, 0xfffffffe}, 0xfffffffffffffecb)
r6 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r6, 0x1, 0xf, 0x0, 0x0)
bind$inet6(r6, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r5, 0x0, 0x0}, 0x20)

15.039062679s ago: executing program 0 (id=1468):
syz_emit_ethernet(0x8a, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
setgroups(0x0, 0x0)
ioctl$VIDIOC_CROPCAP(0xffffffffffffffff, 0xc02c563a, &(0x7f00000000c0)={0xa, {0x4, 0x3, 0x1, 0x401}, {0x0, 0x2, 0x4, 0x1000}, {0xa47, 0x5}})
shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil)
openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
io_setup(0x20004, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
syz_open_dev$usbfs(0x0, 0x77, 0x3501)
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0xa, 0x9)

14.890551241s ago: executing program 6 (id=1470):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_ZEROPAGE(0xffffffffffffffff, 0xc020aa04, 0x0)
setsockopt$inet_int(r0, 0x0, 0x12, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0xff}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
msgctl$MSG_INFO(0x0, 0xc, 0x0)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x800, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
mlock(&(0x7f0000008000/0x3000)=nil, 0x3000)
ioctl$sock_bt_bnep_BNEPGETCONNINFO(0xffffffffffffffff, 0x800442d3, &(0x7f0000000180)={0xfffffffd, 0x9, 0xc3d, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x15}, 'ipvlan1\x00'})
getsockopt(0xffffffffffffffff, 0x28, 0x0, 0xfffffffffffffffc, 0x0)

11.267835922s ago: executing program 0 (id=1478):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2000c16, &(0x7f0000000280)={[{@usrquota}, {@nodelalloc}]}, 0xff, 0x25e, &(0x7f0000000e80)="$eJzs3U1IHGcYB/BnZndr1aXY9lIo/YBSSiuIvRV6sZcWhCJSSqEtWErppUULVulNe8olh+QYkuApFwm5xeQYvEguCYGcTOLBXAKJ5BDJIQnZsDsr+JVo3HUnZH4/WOfDd97nHWb+74g4GEBh9UXEUESUIqI/IioRkWxu8HH26WtuznUvjUXUaj/cTxrtsu3MxnG9ETEbEV9FxGKaxF/liOmFX1YfLn/32dGpyqdnFn7u7uhJNq2trny/fnrkyPnhL6evXr87ksRQVLecV/slu+wrJxHvHEaxV0RSznsE7Mfof+du1HP/bkR80sh/JdLILt6xyTcWK/HFqecde/zetfc7OVag/Wq1Sv0ZOFsDCieNiGok6UBEZOtpOjCQ/Qx/s9ST/j0x+W//nxNT43/kPVMB7VKNWPn2YteF3m35v1PK8g+8prJfSq38ODp/q76yXsp7QEBHfJAt6s///t9mPg/5h8KRfygu+Yfikn8oLvmH4pJ/KC75h4J42vxjv0275B+KS/6huA6c/xNPDm9QQEdszj8AUCy1rgO9Ndzel5CBXOQ9/wAAAAAAAAAAAAAAAAAAADvNdS+NbXza02N5zxaXT0asfZM13Vm/1Ph/xBFvNr72PEi29Jjsq8KL/fpRix206GzOb1+/dTvf+lc+zLf+zHjE7P8RMVgu77z/kub9d3Bv7/H9yu8tFnhJybbtr3/qbP3tHs/nW394OeJSff4Z3G3+SeO9xnL3+adav34t1v/nUYsdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0DHPAgAA///B2nXP")
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x45)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x1, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="020300090a0000000000000004000000030006000000000002000000ac1414000000000000000000020001000000000000000002fffffffb030005000000000002"], 0x50}}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4}}, 0xe8)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

11.228211096s ago: executing program 6 (id=1479):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000140)=0x40, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r3=>0x0})
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r5=>0x0})
setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, &(0x7f0000000300)=0x2, 0x4)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x0, r5}, 0x10)
bind$xdp(r1, &(0x7f0000000240)={0x2c, 0x1, r5}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xe}, {}, {0x7, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x0)

10.824296431s ago: executing program 5 (id=1480):
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r1 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000440)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_pidfd_open(r1, 0x0)
r5 = memfd_create(&(0x7f00000009c0)='y\x105\xf3\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdbU\xb1\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\x90i\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14O\xf8\xb5C\x1f\xb6b8b\x06A2@D\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\x05\x00\x00\x00\x00\x00\x00\x00\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\x88\xd1\x1eQB\x18\xc1-\xc4\x8fK\xf8\xfa\xb6\xf8\v;\xaa\x8fW\xcc\n\x17\x7f\x98\xb7\xcdqV\xd4\xf0)\xfa\x0fG\xc8\xbf\xfd\xe8>K\f\xcd+\xb0\x99Q\xba/\xa8\xb9`k\b\xd1\xcc\xfc\xeaA\"\v=\x83fC\x90%\xa1d\x91\xf8:\x16<\xad\xc2\x18\xdf\x01\xe2\x96\xfcj\xe9\xa4\x065m\x03\x05Np\xda\"\xf1\xb6\xbcP\x8fP\x8d\x89%\xf2\x12T\xd0\xc3\x15W\x9c\x87\x1b\x8c\xc9\xd9\xc6\xad\x96-d\xa2wFB\xcaB\xa5\x15\xf8,\x04\x1c*\xd98\x8bG\x90\x81`\x03\xe0\xde\x9c\x9a\x0f\x1b\x8f\xd2%*&$Wc\xb3\xa6\xc4TK1}2\xb3\xab\xf4\xb7\xb7\x85\apa\xaf\x1c\x10i\xb9\x9f\x06\xff4%\"7f \x0e\xf5Bk\r\xac\"\x13tNx\xc0$\x85\x9f', 0x2)
ftruncate(r5, 0xffff)
fcntl$addseals(r5, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000100)={r5, 0x2, 0x4000, 0x1000})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000380)=@delqdisc={0x434, 0x25, 0x100, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xd, 0xf}, {0xa, 0x7}, {0x0, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x3, 0xfffffff8, 0x4, 0x40, 0x2, 0x2, 0x5, 0x7fff, 0x4, 0x1, 0x6, 0x1c8, 0x7, 0x0, 0x5, 0x1, 0x8, 0x9, 0x9, 0x9, 0xf9, 0x200, 0x1, 0x5, 0x6, 0xfff, 0x9, 0x1, 0x80, 0x10000, 0x0, 0x6, 0xff, 0x4, 0x6, 0x9, 0xe6c1, 0x2, 0x65, 0x6, 0x5, 0x71, 0x1f146d7e, 0x80000001, 0x89, 0xe9, 0x80000001, 0x2, 0xff, 0x8, 0xffff8dc2, 0x400, 0x0, 0x2, 0xffff, 0x10001, 0x3ff, 0x0, 0x8, 0xa000000, 0x0, 0x5, 0x8, 0x3, 0x4, 0x401, 0x5, 0x8, 0x4ad1, 0x1, 0x25b1, 0x5, 0xfff, 0x0, 0xe, 0xffffffff, 0x7, 0x5, 0x3ff, 0xfff, 0x8, 0xf, 0x0, 0x4, 0x626cfd3b, 0x0, 0x60df8662, 0x2, 0x5, 0x4, 0xc6, 0x8, 0x7, 0xfffffffa, 0x9, 0x4, 0xffffffff, 0xa80, 0x0, 0x7, 0x2, 0xffff8000, 0xff, 0x8, 0x7, 0xc, 0xfdc1, 0x77f, 0x4, 0xfffffff0, 0x4, 0x7fff, 0x1000, 0x1, 0x1f1f, 0x3, 0x665195e5, 0x5, 0x7, 0x5, 0x8, 0x7, 0x4, 0x800, 0x101, 0x400, 0x2, 0x6, 0xd, 0x9, 0x7, 0xc5, 0x99, 0x4, 0x2e9, 0x4, 0x3, 0x401, 0xfffffffe, 0x7, 0x80000000, 0x8, 0x0, 0x4, 0x37, 0x4, 0x31, 0x2, 0x2, 0x3, 0x6, 0x1, 0x690c, 0x368d, 0x9, 0x2, 0xe, 0x8, 0x5, 0x5597, 0x3, 0x4, 0x7fff, 0x62, 0xf6, 0x5, 0x0, 0x7fffffff, 0xd, 0x9, 0x2, 0x100, 0x6, 0x101, 0x5, 0x2, 0x3, 0x4, 0xfc8d, 0x8, 0x3ff, 0x3, 0x0, 0x3, 0x5, 0x9, 0x5, 0x8000, 0x1, 0x7, 0x20000, 0x4, 0x2, 0x9f85, 0x65, 0x4, 0x0, 0x7ff, 0x4, 0x6, 0x7, 0xd92, 0x40, 0xfff, 0xe1, 0x8, 0x426, 0x5, 0x9, 0x1, 0x1000, 0x9, 0x36ae765f, 0x401, 0x9, 0x200000, 0x3, 0x4, 0x5, 0x0, 0x89, 0x5, 0x80000000, 0x9c4, 0x1, 0x41632842, 0x6, 0x10, 0x2, 0x8001, 0x5, 0x100, 0x8, 0x9, 0xfe64, 0xd, 0x1c2, 0x2, 0x6, 0x2, 0x80000001, 0xa, 0x6, 0xfffffffc, 0x5, 0x3, 0x7f, 0x8001, 0x5, 0x3, 0x6, 0x8001, 0x10001, 0x5, 0x4, 0x7]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x40000}, 0x8010)
unshare(0x20000400)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

9.620551708s ago: executing program 5 (id=1481):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$MSR(0x0, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c09c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd='])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
socket$packet(0x11, 0x2, 0x300)
socket$inet6(0xa, 0x80002, 0x0)
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="71756965742c636f6465706167653d69736f383835392d31352c706172743d3078303030303030300000000000000000662c00a20000000700000000ede9debf530c3cc4d04b548919aca0c2937d4da1fc31dc42fc2e3e", @ANYBLOB="23341129bfb4fcc388a80c49b4f4d96254cb9356759776b03b581050240d2d9a5cf3440e76c886f1e5c860656a3648101223fc288fc5274f0e609cfed0fc738d84eb544791dd1cb959421db9fbcb634df876aa2133fd62e245fb6b1ead07ca04772d78564af8f42015e5be557ab3bd60824768691005cbd3d295402693d934226595deeba1ff748b7dde9c617749aa38096ef667700a6b3668cb7296b024fbcf9f74e50bf0f834159f51737baac184f94dd13a9793b76946208f290637d8def94e5f56f1181da3eed500440f", @ANYRES32=0x0, @ANYRES16, @ANYRES16], 0xd, 0x2d5, &(0x7f0000000bc0)="$eJzs3ctqFEscx/Ff9UySycmQ07kcDriMBnQjMW7EzQSZhxAXomZGCA4RTQR1YxQXIqJ7976CryC4UXwBXbnyAUYQWqq65pqe7jhkujP4/YChp7uq61/pS9V/wJQA/LWu1L++u/jd/jNSSSXp5WUpkPRCKkv6T/9XHuzu7+y3mo2U87QjRxXJKK5pDhXa3m0m1a3I1/BC+6msav8+TEYURVvfJO0VHQgK5Z7+BIE0559Od7ySe2Tpno5Z7+CY45g2pq22Hmqx6DgAAMXy43/gx/mqn78HgbTuh/0TOf6Pq110ABMXpR7tG/9dlhUZe33/dYd6+Z5L4ezxoJMlHqXlmaHPs4rvrIEJpsnKKl0swfztnVbz/PbdViPQM9W8vmKr7mcjvnU7MqJdS8hNUxyh7yZ5Rrng+jBj+7A5Iv6VMVscm/loPpvrJtRbNbrzv3Jk7GVyVyoculJx/Bujz+h6GdpS8q+NWq0WDBRZco2c8i14Gb2sJGck6txRSxr8giDMitPVWh6qFffuQkatlbjW1vxArc3OpxG1Vgfasr3p3s2j25s089pcNWv6ofeq983/AxvfulKfzN5TY9bjocD9xuP+zCY3V3bnDA+NHAe6Vh3c0/0tzo0K/Wf6Ow1DnqQce6VbuqTFvUeP75RareZ9u3EzYeNetbtn5rmUWKaAjUC9PTroHZpT/EXkoVqdQSnPUM8d6wnt+yOzsH3KcungibkTitiof8r3RipiI6d3FArVu+iZRT/kEhDy5uZdcf7Xl69suMme/RGmzNMzJ2T+jJGdY3czoMpA/WW39c8fZXALozO4o+Zcp89KZ7q7fkUZLYY+zukQpU39LFPXF93g+38AAAAAAAAAAAAAAAAAAIBpk8d/Jyi6jwAAAAAAAAAAAAAAAAAAAAAATLvu+r/qrP8rv/5vJX393+G//F2KV3g5lvV/3+yK9X+ByfsdAAD//y0Iis0=")
r3 = fsopen(&(0x7f0000000280)='gfs2meta\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

9.615506128s ago: executing program 1 (id=1491):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f00000001c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003f"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000f00), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x80, r6, 0x1, 0x0, 0x0, {}, [{@pci={{0x8, 0x8e}, {0x11}}, {0xd}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}]}, 0x80}}, 0x0)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)={0x5c, r6, 0x100, 0x70bd28, 0x25dfdbfd, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x9608}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2}}]}, 0x5c}}, 0x8800)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, 0x0)
sendmsg$FOU_CMD_GET(r0, 0x0, 0x4008080)
r7 = syz_open_dev$sg(&(0x7f0000000100), 0xf3c, 0x8630644572849689)
ioctl$SG_SET_RESERVED_SIZE(r7, 0x2275, &(0x7f0000000040)=0x8001)

9.350797402s ago: executing program 6 (id=1483):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
ptrace$ARCH_SHSTK_ENABLE(0x1e, r0, 0x0, 0x5001)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

8.834295497s ago: executing program 4 (id=1484):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
r1 = epoll_create1(0x80000)
memfd_create(&(0x7f0000000900)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\xc2%/u\x17\xdaM\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d_\v\xfc\xad\x0f\xa8\xc5\xad\x00\xc2\x12\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc3Gj+kV$\x80\x8aJ$\x81\xc0\x16\xf5\x9cz\x10\x97\xdb\x12H\xee/\xe3sY\x02D;L~\xd0\xb44\x01*\xfb\xa4 \xb2b\x90H$\xb2\xad\xbf\x8aM\xb6\x81\x81^\x02\xa0\xa7t\xfbHb\xa5=\xdd+$\xc06J\xb4\xf0\xab\x85Xz\x9f\xb2D$\xbe\xd9\x7f-\r\x9aj9r\n_\x11\xd4\x19\xb0\xa0G\xb7\x94\xf7\xfd~\xe9\xb6G\xbfE\xbb\x15\x15\xa6\xca2\xd0\xd3\x8c\xf7nO\xf9\xa8\xfd\x8a\xd2\xb2\xab\xff\xe4\xb0;\xd9\xa8\f\x03R\xbd%\x9fF\xee\x05\x06.3(QF?\f\x05\xa4uY\xee\xab\x8a\xeb~\xed\xcb0\xb7\xe7\xe6?8g\x8aN\xda\x8f\x9d\xde\x1eNaS\x8fLk\xf1\x965N\x18\x8c\xb9=5\x991\xae\x89N\x13\xd1\xf7\xf0\x13\xb2\xaeS\xa1\x97\x18j\xea\x9f\xde\xb6\xd4\xdc\xe6*\x9c\xfdV\x82\x05\'u\xa4\x00_\xaf8\xdf-J?V=\xf3\xb4\xac\x179\x9f\x04\x100\x9f\xd4\xd6\x8d\xde\xc2Z\x17H\v\xeb_ug\xb1\x90_}\x9f\xa05D\xa8\xce#h`\x1c\x98\xa8\x0e\x86\xda&i)R1<hI\x91\xb7\x8e\xac)\b\x00\x00\x00#\x84\xace~\xd9\xca\x00!\x1boS\x9frZ\x19|\xd0V\vA\x00W\xa7\xa5\xc7\xcd6!\x11\x9eU\xe4;\xa3\xb1\xf2\xd8#\xe3\'\xed\x90\t\xa7\xf7\x82\xf7\x13t\xd2\xb0\xb6\xad\x81X\xa8\xe7-o>\xb7\xf5\n\x87\xd9z6\xc4\x9c1\xf3E-{1V\xe4\x99[\xe1\x85\x83??e\xae\x8a\xb2\xf8\x14z\xd3T/9\x00g\xba\x13x0}\xf6\xeb\xaeT\xa9\xe18\x06\xd8GwS\xc7\x85u\xc4\xa1\x9e\xf1\xc0\x8b\xd1\x14j\x88\x99\xfe\xeb\x83\x13]\r\xb7\xbf\x9cSL\xe3i\xc3\xfe\r\xf7%\x92,\xef\xf2\xc1\xb5\xb0\x16\x17W\xbc\x14\xc3\x05\xcdnY\x9a2\xa8U\x13\x869\xc5\xb6\xa3\x00\x86\xb9\xb0\x91\x83\x8an\xc5\x9a\xaeML\x91\xa0r\v\xbd\x8d\xf4\xa6\xc7E\xf8\x8bC0s\x99jO\x9dc\xefa\x85\x9a\xb1\x90\x01-\xb0L\x82\xe9\x03\xc2\xae', 0x3)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000580)=""/162)
close(0x3)
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
r5 = syz_open_dev$sg(&(0x7f0000000100), 0x0, 0x8040)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000001340)={0x53, 0xffffffffffffffff, 0x6, 0x5, @scatter={0x0, 0x0, 0x0}, &(0x7f00000000c0)='B\x00\x00\x00\x00\x00', 0x0, 0x7, 0x0, 0x0, 0x0})
ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x60000006})
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000000)={0x2000})

8.069881715s ago: executing program 1 (id=1485):
fcntl$setsig(0xffffffffffffffff, 0xa, 0x31)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000000)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x50}}, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800400, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
rt_sigqueueinfo(0x0, 0x3b, &(0x7f0000000580)={0x37, 0x5, 0x9})
socket$key(0xf, 0x3, 0x2)

8.069576085s ago: executing program 6 (id=1486):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040))
socket(0x1, 0x5, 0x0)
r1 = socket$kcm(0x10, 0x4, 0x10)
recvmsg(r1, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x10000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x25}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSETELEM={0x58, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x2c, 0x3, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x6}, @NFTA_SET_ELEM_EXPRESSIONS={0x1c, 0xb, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8}]}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xa0}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'hsr0\x00'})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_SERVICE(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000780)={0x44, r5, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6}, @IPVS_SVC_ATTR_AF={0x6}, @IPVS_SVC_ATTR_PROTOCOL={0x6}, @IPVS_SVC_ATTR_ADDR={0x4, 0x3, @ipv6=@private1}]}]}, 0x44}}, 0x0)
socket(0x10, 0x80002, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES8=r6], 0x20}}, 0x0)
sendmsg$nl_route(r7, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800090400000000000000000a000000000000030000000008001e0001"], 0x24}}, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB="640000001020370400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000440012800e00010069703665727370616e00000030000280140006002001000000000000000000000000000214000700fc02000000000000000000000000000004001200"], 0x64}}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0x1, 0x1, 0x0, {0x0, 0x0, 0x0, 0x0, 0x420}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

7.56187411s ago: executing program 0 (id=1487):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$inet6(0xa, 0x80003, 0xff)
setsockopt$inet6_int(r3, 0x29, 0x16, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80003, 0xff)
socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r4, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
close_range(r2, 0xffffffffffffffff, 0x0)

7.558135761s ago: executing program 4 (id=1488):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/tty/drivers\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x106f)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r5, &(0x7f0000000680)={&(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10, 0x0}, 0x0)
syz_io_uring_setup(0x2, 0x0, &(0x7f0000000000), &(0x7f00000003c0))
sendmsg$rds(r5, 0x0, 0x0)

7.548889082s ago: executing program 5 (id=1489):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xafUD\x9dA\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x6, 0x0)
r5 = timerfd_create(0x0, 0x800)
timerfd_settime(r5, 0x3, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x79d, 0x0, 0x0, 0x0, 0x100})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r6=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000300)={r6, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x1c, &(0x7f00000004c0)=""/187, &(0x7f0000000240)=0xbb)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000180)={0x0, 0x0, r7})
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

7.00451709s ago: executing program 5 (id=1490):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000380))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz0\x00', 0x200002, 0x0)

6.987826701s ago: executing program 1 (id=1492):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x0, 0x20}, 0xc)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r4, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x56)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x604ab000)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff29}, &(0x7f0000000000)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f00000003c0)={&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x62, 0x1, 0x0}, &(0x7f0000000380)=0x40)

5.137252105s ago: executing program 4 (id=1493):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x10, 0x0, 0x7fff7ffc}]})
syz_usb_connect$hid(0x2, 0x0, 0x0, 0x0)
r3 = syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0x8006d89, 0x400, 0x2, 0x66}, &(0x7f0000000400)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
syz_io_uring_submit(r4, r5, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x100})
io_uring_enter(r3, 0x8aa, 0x0, 0x0, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

4.434819257s ago: executing program 5 (id=1494):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4b, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x120c006, &(0x7f0000000240)={[{@grpquota}, {@nobarrier}, {@dax_inode}, {@debug}, {@dioread_lock}, {}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5ec, &(0x7f0000002dc0)="$eJzs3c1vVFUbAPDnTD9oKe/bQoyKC2liDCRKSwsYYlzA1pAGP+LGjZUWRAo0tEaKJpQENybGjTEmrlyI/4US2bLSlQs3rgwJUcPSxDEznVtm2juFTtsZ7P39kmHOvWcu59zOPHPPPXPOvQEU1nDln1LE3oiYTRGDaXE5rztqmcNLr7v/18enK48U5fIbf6RItXXZ61PteaC2cV9E/PRjij1dq8udW7h6fnJmZvpybXl0/sLs6NzC1YPnLkyenT47fXH8pfFjR48cPTZ2qKX9upaz7uSN9z8c/HTi7W+//juNfffrRIrj8WrthfX7sVmGY7j6N0mrswaObXZhHdJV+5zUv8Wpu4MVYl2y968nIp6KweiKB2/eYHzyWkcrB2ypcoooAwWVxD8UVNYOyM7tV54HlzrSKgHa4d6JpQ6A1fHfvdQ3GH3VvoGd91PUd+ukiGitZ67Rroi4c3vixpnbEzdii/rhgHyL1yPi6bz4T9X4H4q+GKrGf6kh/ivtglO158r611ssf2VXsfiH9lmK/7414z+axP87dfH/bovlDz9IvtffEP/9re4SAAAAAAAAFNatExHxYt7v/6Xl8T+xNP6nt367gYg4vgnlD69YXv37f+nuJhQD5Lh3IuKV3PG/pWz071BXLfW/6niAnnTm3Mz0oYj4f0QciJ4dleWxNco4+Nmer5rlDdfG/2WPSvl3amMBa/W4272jcZupyfnJje43EHHvesQzueN/0/LxP+WM/618H8w+Yhl7nr95qlnew+Mf2CrlbyL25x7/H1y1Iq19fY7RantgNGsVrPbsR59/36z8VuPfJSZg4yrH/51rx/9Qqr9ez9z6yzi80F1ultdq+783vVm95EzWKXFlcn7+8lhEbzrZVVnbsH58/XWG7SiLhyuTUY2XSvwfeK4u/vtW9//ltf/7I2Jxxf+d/mycU5x58p+B35rVR/sfOqcS/1PrOv6vPzF+c+iHZuU/2vH/SPVYf6C2Rv8fLPkyC9PexvU54didl9Xu+gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAdlCKiF2RSiPL6VJpZCRiICKeiJ2lmUtz8y+cufTBxalKXvX+/6XsTr+DS8spu///UN3y+IrlwxGxOyK+6OqvLo+cvjQz5Sa+AAAAAAAAAAAAAAAAAAAAUDXQZP5/xe9dna4dsOVchwOKKyf+f+5EPYD2y+K/p8P1ANpP+x+Kq6X47938egDt5/gPxSX+objEPxSX+IfiEv8AAAAAALCt7N5365cUEYsv91cfUTey13Qg2N5Kna4A0DEu8QPFZegPFJdzfCDF2lP6+5pulDZQ6uzpDWwMAAAAAAAAAAAAAIWzf6/5/1BU5v9DcZn/D8WVzf/f1+F6AO3nHB+Ih8zkz53//9CtAAAAAAAAAAAAAIDNNLdw9fzkzMz0ZYm3Ho9qtDNRLpevVT4Fj0t9/uOJbCj841KfFYlsrt+jbdW57yQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDRvwEAAP//ds0jfw==")
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100), 0x2, 0x4fd, &(0x7f0000000b00)="$eJzs3ctvW1kZAPDv3jycyWQmGZgFoAHKMFBQVTtxZ6LRbBhWI4RGQsySRSckThTFiaPYGZrQRbpkj0QlVrDiHwCJBVJX7JFYwI5NWSDxqEANEgsjX19nnIcbq03sNv79pCufe47t75xa9xzrc3NPACPrWkQcRMRkRHwcEbN5fZIf8X77aD3v8aO7y4eP7i4n0Wx+9M8ka2/VRddrWl7O33MqIr7/QcQPkxNB/xhR39vfWKpWKzt5VamxuV2q7+3fXN9cWqusVbbK5cWFxfl3b71TvqCR/vqo9LvffvHhHw6++eNWt2byuu5xXKT20CeO4rSMR8R3LyPYEIzl45l8mhc/1Yu4SGlEfCYi3syu/9kYyz7N445/TN+K/NIGAF5QzeZsNGe7zwGAqy7NcmBJWsxzATORpsViO4f3ekyn1Vq9cWO1tru10s6VzcVEurpercznucK5mEhW18crC1m5c16tlE+c34qI1yLip4WXsvPicq26MswvPgAwwl4+sf7/p9Be/wGAK67r1/zCMPsBAAyO/80HAKPH+g8Ao8f6DwCjx/oPAKPH+g8Ao8f6DwAj5Xsfftg6mof5/a9XPtnb3ah9cnOlUt8obu4uF5drO9vFtVptLbtnz+Z571et1bYX3o7dO6VGpd4o1ff2b2/Wdrcat7P7et+uTAxkVADAk7z25Qd/TiLi4L2XsiO67vd/7lr9xmX3DrhM6bA7AAzN2LA7AAzN6d2+gFEhHw90bdF7r6t66lThpPt9vX2a7xsKPEeuf/4Z8v/AC03+H0bX0+X/fZeHq0D+H0ZXs5nY8x8ARowcP5Cc0979+/98s+ukv9//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4EqayY4kLeZ7gc9EmhaLEa9ExFxMJKvr1cp8RLwaEX8qTBRa5wsRYd8gAHiRpX9L8v2/rs++NXOydbLw30L2GBE/+vlHP7uz1GjsLERMJv86qm/cz+vLw+g/AHCezjrdWcc7Hj+6u9w5Btmfv3+7vbloK+5hfrRbxmM8e5zKcg3T/07y87bW95WxC4h/cC8iPnfW+JMsNzKX73x6Mn4r9isDjZ8ei59mbe3H1r/FZy+gLzBqHrTmn/fPuv7SuJY9nn39T2Uz1LPrzH+Hp+a/9Gj+G+sx/13rN8bbv//OqcrmbLvtXsQXxiMOO2/eNf904ic94r/VZ/y/vPGlN3u1NX8RcT3OGn9yLFapsbldqu/t31zfXFqrrFW2yuXFhcX5d2+9Uy5lOepSJ1N92j/eu/Fqr/it8U/3iD91zvi/1uf4f/m/j3/wlSfE/8ZXz/78X39C/Naa+PU+4y9N/2aqV1sr/kqP8Z/3+d/oM/7Dv+6v9PlUAGAA6nv7G0vVamXnsgvp5YfICknEwQCG0y4UfvWTDwYV6xIL8Xx0Q+F5Kgx7ZgIu26cX/bB7AgAAAAAAAAAAAAAA9DKIPyca9hgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//2KH0wQ=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x10)
r4 = dup(r1)
openat(r4, &(0x7f0000000300)='./bus\x00', 0x60840, 0x8)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002780)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000000480)={0x2020, 0x0, 0x0, <r6=>0x0, <r7=>0x0}, 0x2020)
fchown(r3, r6, r7)

4.375126542s ago: executing program 1 (id=1495):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/tty/drivers\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x106f)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r5, &(0x7f0000000680)={&(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10, 0x0}, 0x0)
syz_io_uring_setup(0x2, 0x0, &(0x7f0000000000), 0x0)
sendmsg$rds(r5, &(0x7f0000000600)={&(0x7f0000000200)={0x2, 0x4e21, @rand_addr=0x64010100}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20000040}, 0x0)

1.80882552s ago: executing program 0 (id=1496):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
munmap(&(0x7f000060f000/0x4000)=nil, 0x4000)
madvise(&(0x7f0000492000/0x2000)=nil, 0x2000, 0x12)
munmap(&(0x7f0000694000/0x3000)=nil, 0x3000)
mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x50, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x3}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x200}, @IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x1}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x80d0}, 0x4002000)

1.80751769s ago: executing program 1 (id=1497):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = openat$ashmem(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0)
mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000280)={<r6=>0x0, <r7=>0x0}, &(0x7f00000013c0)=0xc)
sendmmsg$unix(r5, &(0x7f0000000700)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000440)="aa", 0x1}], 0x1, 0x0, 0x0, 0x40044}}, {{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)="11", 0x1}], 0x1, &(0x7f00000006c0)=[@cred={{0x1c, 0x1, 0x2, {r6, r7, 0xee01}}}], 0x20, 0x400e815}}], 0x2, 0x4)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
setsockopt$sock_int(r4, 0x1, 0x10, &(0x7f00000002c0)=0x8001, 0x4)
splice(r4, 0x0, r8, 0x0, 0x39000, 0x0)

1.80719643s ago: executing program 4 (id=1498):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r4, &(0x7f0000001300)="92", 0x1, 0x10, &(0x7f00000014c0)={0xa, 0x4e1c, 0xfffffffc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100), 0x6ad01, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
r5 = io_uring_setup(0x1c79, 0x0)
io_uring_enter(r5, 0x2219, 0x7721, 0x16, 0x0, 0x0)

1.784442372s ago: executing program 5 (id=1499):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = socket(0x10, 0x2, 0x0)
write(r3, &(0x7f0000000480)="1c0000001a009b8a140000003b000000000000000000000000000000fda35065733173ae72a0d270d958f739b6d44c893b03599f77a332b446ea93568ae2ff534952656c6a18b6c0fdcec321127ee28705f2496eb43654255c5cc688f71db82bab173f4e19361ac01c1b0a2d2229993c8308ab7721e4c33c5fc214cd64a17d552a0fa33011d3ccceb56738a8c7e690d58433", 0x92)
recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r4, &(0x7f00000000c0)=ANY=[], 0xffe)

73.416503ms ago: executing program 0 (id=1500):
openat$ppp(0xffffffffffffff9c, 0x0, 0x101940, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000140)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet(0x2, 0x1, 0x100)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x8001, 0x0, 0x1000001000, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002}, 0x0, 0x0)
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0xc5)
fcntl$notify(r3, 0x402, 0x31)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', 0x0, 0x0, 0x0, 0x2)
close_range(r1, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x180)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0xee8f52e393d51bbd)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/udp6\x00')
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000440)={0x50, 0x0, 0x0, {0x7, 0x29, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x6e, 0x0, 0x0, 0x10, 0x1}}, 0x50)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x3)
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3)

72.210414ms ago: executing program 1 (id=1510):
socket$inet(0x10, 0x0, 0x40000003)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000140)={[{@debug}, {@delalloc}, {@journal_ioprio}, {@test_dummy_encryption}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@nodiscard}, {@abort}]}, 0x1, 0xbb4, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC+I0raTYIthKxY0LQbdCQzopIdMPkkhNmsVE/wFR14IbQS1KF3bdjYJbN1q3FhdCkdgoiGjkzEeSJjNJ2k5yYvL7wZvzvvOcOe/z5DBzzgszE8CeNZD9SSMORcT5JKJQfzyNiO5qrzeiUttvYX525Jf52ZEkFhdf/jGJJCLuz8+ONI6V1LcH6oPeiPjquST+8ebaeSenZ8aHy+XSRH18bOrS1WOT0zNPjl0avli6WLp8/OTTQyeGTg6eGmpbrb9+d+bWz/994fvKbx/9fuOndz5I4kz01WMr66hX/dgGYmDpf7JSZ0QMt+H4O0FHvZ6VdSadGzwp3eKkAABoKV1xD/evKERHLN+8FeLzr3NNDgAAAGiLxY6IRQAAAGCXS6z/AQAAYJdrfA7g/vzsSKPl+4mE7XXvbET01+pfqLdapDMq1W1vdEXE/vtJrPxaa1J72mMbiIi73576NGvR5HvIW60yFxH/bnb+k2r9/fVvQq+uP42IwTbMP7Bq/Feq/0wb5s+7fgD2pttnaxeytde/dOn+J5pc/zqbXLseRd7Xv8b938Ka+7/l+jta3P+9tMk5rn/43rVWsaz+Z249/0mjZfNn28cq6iHcm4v4T2ez+pOl+pMW9Z/f5ByFP66VWsXyrn/x/Ygj0bz+hmT93yc6NjpWLg3W/jadY+7LoY9bzZ93/dn539+i/o3O/9UHjtT6R31ePXfuZqvYxvWnP3Qnr1R73fVHXh+empo4HtGdvLj28RPr19vYp3GMrP6j/1v/9d+s/uw9oVL/P2SVz9W32fiNVXM+e+P6Z+vVn6398jz/Fx7x/L+1yTn+/8XbR1vFVq5/s5bNfzeprYUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCGNiL5I0mJEJNV+mhaLEQci4p+xPy1fmZx6YvTKa5cvZLGI/uhKR8fKpcGIKNTGSTY+Xu0vj0+sGj8VEQcj4t3Cvuq4OHKlfCHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhyICL6IkmLEZFGxEIhTYvFvLMCAAAA2q4/7wQAAACALWf9DwAAALuf9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb7ODh23eSiKic3ldtme56rCvXzICtluadAJCbjrwTAHLTmXcCQG4eco3vdgF2oWSDeG/LSE/bcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg5zpy6PadJCIqp/dVW6a7Hutq+ozD25gdsJXSvBMActOxXrBz+/IAtp+XOOxdzdf4wF6SbBDvXd6n8mCkZ8tyAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDn6au2JC1GRFrtp2mxGPG3iOiPrmR0rFwajIi/R8Q3ha6ebNyTd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC03eT0zPhwuVya0NHRybeT7Iw0ap2835kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjD5PTM+HC5XJqYzDsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIG+T0zPjw+VyaWITnZsPs/OKTt41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQnz8DAAD//9b4DfQ=")
socket$igmp6(0xa, 0x3, 0x2)
truncate(0x0, 0x400000f000)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x7, 0x20000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_icmp(0xa, 0x2, 0x3a)
connect$inet6(r3, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = fsopen(0x0, 0x0)
r5 = fsmount(r4, 0x0, 0xa)
unshare(0x2c020400)
fstat(r5, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000900, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

48.433975ms ago: executing program 4 (id=1501):
socket$inet_udp(0x2, 0x2, 0x0)
openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$alg(0x26, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
memfd_secret(0x80000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
pipe(&(0x7f0000000240))
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz1\x00', {0x1b10, 0x0, 0x1, 0x2}, 0x2f, [0x2, 0x1, 0x704d, 0x1, 0x3, 0x1, 0x2, 0x7db, 0x4, 0xfffffc01, 0xfffffffb, 0x8, 0x200001, 0x100, 0xfe, 0x4a, 0x7, 0x5, 0x2ca, 0x8, 0x76, 0x8, 0x0, 0x200, 0x40, 0x19b2, 0x8000, 0x7, 0xc1, 0x4000000, 0x7, 0x3, 0xe, 0x7, 0x1, 0x1, 0x5, 0xf, 0x7, 0x10001, 0x9, 0x7f, 0x8, 0x6, 0xb, 0x4, 0x6, 0x40, 0x7f, 0x9, 0x1, 0x6, 0x4, 0x2284919, 0x4, 0x5643fa73, 0xfffeffff, 0x7, 0x800, 0x2, 0x8a, 0x6, 0x1, 0x6], [0xfffffed2, 0x7fffffff, 0xffff, 0x7, 0xe62, 0x3, 0x0, 0x9, 0xc33, 0xf, 0x7, 0x800, 0x6c368000, 0x4, 0x1000007, 0x0, 0x10, 0x5, 0x8, 0x8001, 0x3, 0x7fff, 0x9, 0x0, 0x5, 0x4, 0x4, 0x8, 0x40, 0xc14, 0x80000001, 0x3, 0x3, 0x7, 0x7, 0x8, 0x8, 0x5, 0x4, 0x9, 0x5, 0x3, 0x2, 0x4, 0x0, 0xfff, 0xa4, 0x4, 0x5, 0xd69, 0x9, 0xf404, 0xf1, 0x3, 0x3, 0x1, 0x6, 0x0, 0x0, 0x6, 0x8, 0x9, 0x4, 0x1000068], [0x1, 0x1, 0x4, 0xfffffffc, 0x0, 0x7fff, 0x405, 0x9, 0x2, 0xffc, 0x7, 0x4, 0xc, 0x7, 0xa, 0xa, 0x6, 0x4, 0x5, 0x5, 0x2, 0x30000000, 0x644, 0x2, 0xfffffffd, 0x7, 0x10000, 0x7f, 0x7ff, 0xd, 0x400, 0x0, 0x41, 0x81, 0xc99, 0x25a, 0x2, 0xfffffffc, 0x2, 0x5d9fff6, 0x3ff, 0xff, 0x4, 0x8, 0x10000, 0xe7, 0x200, 0x7af5, 0x0, 0x9, 0x0, 0xffff, 0x7, 0x6, 0x0, 0x81, 0x9, 0x2000002, 0x3, 0x100, 0x8, 0x0, 0x6, 0x10], [0xffefff80, 0xd5800000, 0x0, 0x4, 0x2, 0x62a, 0x6, 0x407, 0xb343, 0x4, 0x1, 0x8, 0x7, 0x8, 0xffffff81, 0x80000000, 0x5, 0x3, 0x201, 0xfff, 0x3, 0x0, 0x3c65, 0xa, 0x6, 0x80, 0xffffffff, 0x3, 0x2, 0x7, 0x1, 0x7, 0x7, 0x8, 0x1, 0x0, 0x9, 0x17ce, 0x0, 0x3, 0x6fe, 0xe, 0x7, 0x13b, 0x7, 0x8, 0xb757, 0x2, 0x117, 0x996, 0x54, 0x8c1, 0x0, 0x5, 0x5, 0xf, 0x100, 0x10000400, 0x9, 0x5, 0x3, 0xfffffffb, 0xc, 0x2]}, 0x45c)
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000500)={0x0, 0x2000000, 0x800, 0x0, 0xc0}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000640)=<r2=>0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 4 (id=1502):
add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$fscrypt_v1(&(0x7f0000000440), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000e00)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=r0}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r2, 0x0, 0x7, 0x0)
syz_clone(0x1222080, 0x0, 0x0, 0x0, 0x0, 0x0)
clock_gettime(0x0, 0x0)
clock_nanosleep(0x2, 0x0, 0x0, 0xfffffffffffffffe)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
mkdir(&(0x7f0000000400)='./file0\x00', 0x1)
r3 = inotify_init1(0x800)
inotify_add_watch(r3, &(0x7f0000000240)='.\x00', 0x50000048)
inotify_add_watch(r3, &(0x7f0000005780)='./file0\x00', 0x9600006f)
lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

block=256, location=256
[   73.099365][ T4474] blk_update_request: I/O error, dev loop0, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   73.110714][ T4474] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[   73.120518][ T4474] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[   73.128328][ T4474] UDF-fs: Scanning with blocksize 2048 failed
[   73.135347][ T4474] blk_update_request: I/O error, dev loop0, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   73.147740][ T4474] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[   73.159347][ T4474] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[   73.169264][ T4474] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[   73.177071][ T4474] UDF-fs: Scanning with blocksize 4096 failed
[   73.183358][ T4474] UDF-fs: warning (device loop0): udf_fill_super: No partition found (1)
[   76.416287][   T23] cfg80211: failed to load regulatory.db
[   78.259385][ T4522] device bridge1 entered promiscuous mode
[   78.297369][ T4522] team0: Port device bridge1 added
[   78.319275][ T4526] bridge0: port 3(team0) entered blocking state
[   78.330281][ T4526] bridge0: port 3(team0) entered disabled state
[   78.348814][ T4526] device team0 entered promiscuous mode
[   78.355809][ T4526] device team_slave_0 entered promiscuous mode
[   78.381719][ T4526] device team_slave_1 entered promiscuous mode
[   78.410994][ T4526] bridge0: port 3(team0) entered blocking state
[   78.417740][ T4526] bridge0: port 3(team0) entered forwarding state
[   78.483755][ T4529] loop1: detected capacity change from 0 to 4096
[   78.652060][ T4529] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   80.449388][   T26] audit: type=1804 audit(1771943053.459:3): pid=4547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.77" name="/newroot/14/bus/bus" dev="overlay" ino=101 res=1 errno=0
[   80.507212][ T4549] netlink: 12 bytes leftover after parsing attributes in process `syz.3.78'.
[   81.091568][ T4555] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[   82.193625][ T4570] loop1: detected capacity change from 0 to 1024
[   82.423374][   T26] audit: type=1326 audit(1771943055.459:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4569 comm="syz.3.83" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe4c3675629 code=0x0
[   84.437083][ T4600] netlink: 4 bytes leftover after parsing attributes in process `syz.2.91'.
[   84.462330][ T4600] device team0 left promiscuous mode
[   84.487304][ T4600] device team_slave_0 left promiscuous mode
[   84.524535][ T4600] device team_slave_1 left promiscuous mode
[   84.542520][ T4600] bridge0: port 3(team0) entered disabled state
[   84.660942][ T4600] device bridge_slave_1 left promiscuous mode
[   84.684263][ T4600] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.431809][ T4600] device bridge_slave_0 left promiscuous mode
[   85.438996][ T4612] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   85.439428][ T4600] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.240390][ T4633] device vlan3 entered promiscuous mode
[   94.031694][ T4656] loop2: detected capacity change from 0 to 128
[   94.040952][ T4658] overlayfs: failed to clone upperpath
[   94.050154][ T4659] netlink: zone id is out of range
[   94.060350][ T4659] netlink: zone id is out of range
[   94.067259][ T4659] netlink: zone id is out of range
[   94.073249][ T4659] netlink: zone id is out of range
[   94.081098][ T4659] netlink: zone id is out of range
[   94.087403][ T4659] netlink: zone id is out of range
[   94.092742][ T4659] netlink: zone id is out of range
[   94.107986][ T4656] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[   94.117334][ T4659] netlink: zone id is out of range
[   94.123074][ T4659] netlink: zone id is out of range
[   94.149168][ T4659] netlink: zone id is out of range
[   94.190563][ T4656] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   94.201642][ T4656] ext2 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.801177][ T4697] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000000
[   99.090275][ T4718] capability: warning: `syz.2.126' uses deprecated v2 capabilities in a way that may be insecure
[  100.403598][ T4737] loop0: detected capacity change from 0 to 512
[  100.723401][ T4737] EXT4-fs (loop0): mounted filesystem without journal. Opts: i_version,nodiscard,min_batch_time=0x00000000000003ff,,errors=continue. Quota mode: none.
[  102.745266][ T4766] sctp: [Deprecated]: syz.3.141 (pid 4766) Use of struct sctp_assoc_value in delayed_ack socket option.
[  102.745266][ T4766] Use struct sctp_sack_info instead
[  102.791365][ T4756] netlink: 8 bytes leftover after parsing attributes in process `syz.1.137'.
[  102.804300][ T4756] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  102.813376][ T4756] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  102.822293][ T4756] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  102.831228][ T4756] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  102.843147][ T4756] Zero length message leads to an empty skb
[  102.845210][ T4764] xt_l2tp: missing protocol rule (udp|l2tpip)
[  103.640771][ T4777] loop3: detected capacity change from 0 to 256
[  105.606944][ T4792] gfs2: gfs2 mount does not exist
[  106.856618][ T4800] bridge0: port 3(vlan2) entered blocking state
[  106.863460][ T4800] bridge0: port 3(vlan2) entered disabled state
[  106.940451][ T4800] device vlan2 entered promiscuous mode
[  107.089175][ T4813] netlink: 4 bytes leftover after parsing attributes in process `syz.3.153'.
[  107.126849][ T4813] device team1 entered promiscuous mode
[  107.132834][ T4813] netlink: 4 bytes leftover after parsing attributes in process `syz.3.153'.
[  107.159687][ T4813] team2 (uninitialized): Failed to send options change via netlink (err -105)
[  107.236719][ T4813] device team2 entered promiscuous mode
[  107.353800][ T4821] device syzkaller0 entered promiscuous mode
[  111.324388][ T4845] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  111.952620][ T4856] 9pnet: p9_fd_create_tcp (4856): problem connecting socket to 127.0.0.1
[  112.000138][ T4856] 9pnet: p9_fd_create_tcp (4856): problem connecting socket to 127.0.0.1
[  112.145189][ T4856] 9pnet: p9_fd_create_tcp (4856): problem connecting socket to 127.0.0.1
[  112.215371][ T4856] 9pnet: p9_fd_create_tcp (4856): problem connecting socket to 127.0.0.1
[  113.740057][ T4829] ODEBUG: Out of memory. ODEBUG disabled
[  113.820689][ T4856] 9pnet: p9_fd_create_tcp (4856): problem connecting socket to 127.0.0.1
[  118.363764][ T4909] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  118.363764][ T4909] The task syz.0.186 (4909) triggered the difference, watch for misbehavior.
[  118.999363][ T4918] net_ratelimit: 56 callbacks suppressed
[  118.999378][ T4918] sctp: failed to load transform for md5: -4
[  119.231561][ T4938] netlink: 'syz.0.191': attribute type 1 has an invalid length.
[  119.639342][ T4938] 8021q: adding VLAN 0 to HW filter on device bond1
[  120.547384][ T4938] bond1: (slave vlan3): making interface the new active one
[  120.557434][ T4938] bond1: (slave vlan3): Enslaving as an active interface with an up link
[  120.768931][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  122.134897][ T4979] netlink: 28 bytes leftover after parsing attributes in process `syz.0.201'.
[  122.150716][ T4979] netlink: 28 bytes leftover after parsing attributes in process `syz.0.201'.
[  122.982981][ T4979] device team0 entered promiscuous mode
[  122.991199][ T4987] tmpfs: Bad value for 'nr_blocks'
[  123.096628][ T4979] device team_slave_0 entered promiscuous mode
[  123.102986][ T4979] device team_slave_1 entered promiscuous mode
[  123.821491][ T4979] device bond0 entered promiscuous mode
[  123.827205][ T4979] device bond_slave_0 entered promiscuous mode
[  123.833564][ T4979] device bond_slave_1 entered promiscuous mode
[  123.956241][ T4979] 8021q: adding VLAN 0 to HW filter on device hsr1
[  123.975830][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[  124.107220][ T4997] netlink: 'syz.4.208': attribute type 1 has an invalid length.
[  124.599314][ T4997] 8021q: adding VLAN 0 to HW filter on device bond1
[  124.642770][ T5005] bond1: (slave vlan2): making interface the new active one
[  124.670923][ T5005] bond1: (slave vlan2): Enslaving as an active interface with an up link
[  124.700217][ T4315] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  124.924156][ T4231] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  125.203999][ T4231] usb 4-1: Using ep0 maxpacket: 16
[  125.344333][ T4231] usb 4-1: config 8 has an invalid interface number: 97 but max is 0
[  125.409994][ T4231] usb 4-1: config 8 has no interface number 0
[  125.432331][ T4231] usb 4-1: config 8 interface 97 has no altsetting 0
[  126.284329][ T4231] usb 4-1: New USB device found, idVendor=0483, idProduct=3747, bcdDevice=d4.ce
[  126.284359][ T4231] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.284379][ T4231] usb 4-1: Product: syz
[  126.284392][ T4231] usb 4-1: Manufacturer: syz
[  126.284405][ T4231] usb 4-1: SerialNumber: syz
[  126.417217][ T5037] fuse: Bad value for 'fd'
[  127.324071][ T5048] netlink: 'syz.2.222': attribute type 1 has an invalid length.
[  127.335839][ T4231] ftdi_sio 4-1:8.97: FTDI USB Serial Device converter detected
[  127.357762][ T4231] usb 4-1: Detected FT-X
[  127.394121][ T4231] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  127.426385][ T4231] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  127.490748][ T5048] 8021q: adding VLAN 0 to HW filter on device bond1
[  127.540745][ T5051] bond1: (slave vlan2): making interface the new active one
[  127.555402][ T5051] bond1: (slave vlan2): Enslaving as an active interface with an up link
[  127.564935][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  127.610909][ T4231] ftdi_sio 4-1:8.97: GPIO initialisation failed: -71
[  127.653462][ T4231] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  127.823058][ T4231] usb 4-1: USB disconnect, device number 2
[  127.935699][ T4231] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  128.016663][ T4231] ftdi_sio 4-1:8.97: device disconnected
[  132.051596][ T5068] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.058911][ T5068] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.353743][ T5096] loop0: detected capacity change from 0 to 8192
[  132.554917][ T5068] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  132.608232][ T5068] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  132.735165][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  132.741498][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  133.163143][ T5068] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  133.175756][ T5068] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  133.220341][ T5068] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.483116][ T5068] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  135.714828][ T5104] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  135.886150][ T5068] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  135.895144][ T5068] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  135.904029][ T5068] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  135.912890][ T5068] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  135.987216][ T5068] syz.1.228 (5068) used greatest stack depth: 20688 bytes left
[  136.073398][ T5106] Illegal XDP return value 4294967274, expect packet loss!
[  136.086052][ T5108] netlink: 28 bytes leftover after parsing attributes in process `syz.2.240'.
[  136.130949][ T5108] netlink: 28 bytes leftover after parsing attributes in process `syz.2.240'.
[  136.249028][ T5118] syz.3.242 uses obsolete (PF_INET,SOCK_PACKET)
[  136.249127][ T5113] netlink: 8 bytes leftover after parsing attributes in process `syz.0.241'.
[  136.274577][ T5113] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  136.283701][ T5113] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  136.292546][ T5113] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  136.301340][ T5113] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  138.486792][ T5135] netlink: 4 bytes leftover after parsing attributes in process `syz.0.245'.
[  138.685530][ T5143] loop1: detected capacity change from 0 to 256
[  139.614382][ T5149] xt_CT: You must specify a L4 protocol and not use inversions on it
[  140.181624][ T5151] netlink: 'syz.4.251': attribute type 4 has an invalid length.
[  140.377344][ T5157] loop2: detected capacity change from 0 to 128
[  140.466510][ T5162] loop0: detected capacity change from 0 to 128
[  140.605628][ T5168] fuse: Bad value for 'fd'
[  141.595387][ T5171] attempt to access beyond end of device
[  141.595387][ T5171] loop0: rw=2049, want=250, limit=128
[  143.387199][ T5194] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  143.442536][ T5194] netlink: 40 bytes leftover after parsing attributes in process `syz.2.263'.
[  145.076929][ T5210] autofs4:pid:5210:autofs_fill_super: called with bogus options
[  145.091006][ T5211] xt_time: unknown flags 0xc
[  154.698157][ T5278] MPTCP: addr_signal error, add_addr=1, echo=0
[  155.184553][ T4232] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  155.801509][ T5310] wlan0 speed is unknown, defaulting to 1000
[  155.803832][ T5309] tipc: Started in network mode
[  155.834359][ T5309] tipc: Node identity ae82be304bc4, cluster identity 4711
[  155.844328][ T5309] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  155.860348][ T5310] wlan0 speed is unknown, defaulting to 1000
[  155.920357][ T5314] tipc: Resetting bearer <eth:syzkaller0>
[  155.956851][ T5310] wlan0 speed is unknown, defaulting to 1000
[  155.975203][ T5308] tipc: Disabling bearer <eth:syzkaller0>
[  156.001154][ T5310] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  156.081355][ T5310] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  156.169921][ T4232] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  156.320017][ T4232] usb 2-1: New USB device found, idVendor=067b, idProduct=331a, bcdDevice=9d.94
[  156.542246][ T4232] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.901266][ T4232] usb 2-1: config 0 descriptor??
[  156.948978][ T5310] wlan0 speed is unknown, defaulting to 1000
[  156.983461][ T5310] wlan0 speed is unknown, defaulting to 1000
[  157.003750][ T5310] wlan0 speed is unknown, defaulting to 1000
[  157.011570][ T4232] pl2303 2-1:0.0: required endpoints missing
[  157.025004][ T5310] wlan0 speed is unknown, defaulting to 1000
[  157.049174][ T5310] wlan0 speed is unknown, defaulting to 1000
[  157.349209][ T4232] usb 2-1: USB disconnect, device number 2
[  159.038270][    T9] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.957116][    T9] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.433967][ T5365] netlink: 8 bytes leftover after parsing attributes in process `syz.2.313'.
[  161.680174][    T9] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.019158][    T9] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.018957][ T5378] wlan0 speed is unknown, defaulting to 1000
[  163.122040][ T5390] team_slave_1: Caught tx_queue_len zero misconfig
[  163.993254][ T4230] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  164.050279][ T5408] loop0: detected capacity change from 0 to 256
[  164.123076][ T5378] chnl_net:caif_netlink_parms(): no params data found
[  164.454533][ T4230] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  164.903653][ T5408] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d)
[  164.931764][ T5378] bridge0: port 1(bridge_slave_0) entered blocking state
[  164.974118][ T5378] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.983611][ T5408] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  165.021900][ T5378] device bridge_slave_0 entered promiscuous mode
[  165.044056][ T4230] usb 3-1: New USB device found, idVendor=067b, idProduct=331a, bcdDevice=9d.94
[  165.053661][ T4230] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.066178][ T4230] usb 3-1: config 0 descriptor??
[  165.072997][    T7] Bluetooth: hci2: command 0x0409 tx timeout
[  165.083751][ T5378] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.282961][ T4230] pl2303 3-1:0.0: required endpoints missing
[  165.299346][ T5378] bridge0: port 2(bridge_slave_1) entered disabled state
[  165.314945][ T5378] device bridge_slave_1 entered promiscuous mode
[  165.773466][ T5093] usb 3-1: USB disconnect, device number 2
[  167.268856][ T5093] Bluetooth: hci2: command 0x041b tx timeout
[  167.290756][ T5378] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  167.502298][ T5378] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  168.463732][ T5378] team0: Port device team_slave_0 added
[  168.650344][ T5378] team0: Port device team_slave_1 added
[  168.709277][ T5378] batman_adv: batadv0: Adding interface: batadv_slave_0
[  168.723505][ T5378] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.815285][ T5378] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  168.828150][ T5378] batman_adv: batadv0: Adding interface: batadv_slave_1
[  168.845599][ T5378] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  168.927362][ T5378] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  168.951901][ T5458] netlink: 16 bytes leftover after parsing attributes in process `syz.0.341'.
[  169.674987][ T2387] Bluetooth: hci2: command 0x040f tx timeout
[  170.459769][ T5378] device hsr_slave_0 entered promiscuous mode
[  170.475371][ T5378] device hsr_slave_1 entered promiscuous mode
[  170.569330][ T5378] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  170.620237][ T5378] Cannot create hsr debugfs directory
[  171.243973][ T4189] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  171.278527][    T9] device hsr_slave_0 left promiscuous mode
[  171.296419][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.337078][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.347662][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.355663][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.363590][    T9] device bridge_slave_1 left promiscuous mode
[  171.373485][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.776188][    T9] device bridge_slave_0 left promiscuous mode
[  171.838132][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.695933][    T9] device veth1_macvtap left promiscuous mode
[  172.725797][    T9] device veth0_macvtap left promiscuous mode
[  172.756380][    T9] device veth1_vlan left promiscuous mode
[  172.762263][    T9] device veth0_vlan left promiscuous mode
[  172.776303][ T5093] Bluetooth: hci2: command 0x0419 tx timeout
[  173.024147][ T4189] usb 2-1: Using ep0 maxpacket: 16
[  173.144624][ T4189] usb 2-1: config 0 has an invalid interface number: 133 but max is 0
[  173.212137][ T4189] usb 2-1: config 0 has no interface number 0
[  173.323411][ T4189] usb 2-1: config 0 interface 133 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  173.785471][ T4189] usb 2-1: string descriptor 0 read error: -71
[  173.791861][ T4189] usb 2-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[  173.845381][ T4189] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.865555][ T4189] usb 2-1: config 0 descriptor??
[  173.894188][ T4189] usb 2-1: can't set config #0, error -71
[  173.910101][ T4189] usb 2-1: USB disconnect, device number 3
[  176.844600][ T5093] Bluetooth: hci0: command 0x0406 tx timeout
[  176.891957][ T5093] Bluetooth: hci4: command 0x0406 tx timeout
[  177.114216][ T5093] Bluetooth: hci1: command 0x0406 tx timeout
[  177.138027][ T5093] Bluetooth: hci3: command 0x0406 tx timeout
[  177.293055][   T26] audit: type=1326 audit(1771943406.326:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5553 comm="syz.0.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  177.530795][   T26] audit: type=1326 audit(1771943406.406:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5553 comm="syz.0.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  177.805178][   T26] audit: type=1326 audit(1771943406.416:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5553 comm="syz.0.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  177.834632][   T26] audit: type=1326 audit(1771943406.426:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5553 comm="syz.0.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  177.876886][   T26] audit: type=1326 audit(1771943406.436:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5553 comm="syz.0.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  177.937664][    T9] team0 (unregistering): Port device team_slave_1 removed
[  177.953845][    T9] team0 (unregistering): Port device team_slave_0 removed
[  177.985818][   T26] audit: type=1326 audit(1771943406.446:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5553 comm="syz.0.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  178.014320][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  178.052428][   T26] audit: type=1326 audit(1771943406.446:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5553 comm="syz.0.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  178.083485][   T26] audit: type=1326 audit(1771943406.466:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5553 comm="syz.0.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  178.110067][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  178.119241][   T26] audit: type=1326 audit(1771943406.496:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5553 comm="syz.0.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  178.616814][   T26] audit: type=1326 audit(1771943406.526:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5553 comm="syz.0.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  178.882765][    T9] bond0 (unregistering): Released all slaves
[  179.905704][ T5378] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  179.946449][ T5378] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  180.032359][ T5378] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  180.060954][ T5378] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  180.444979][ T5378] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.461167][ T5378] 8021q: adding VLAN 0 to HW filter on device team0
[  180.476105][ T5567] bond2: (slave ip6gretap1): making interface the new active one
[  180.485662][ T5567] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  180.499339][ T5582] device batadv_slave_1 entered promiscuous mode
[  180.514190][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  180.532200][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  180.611008][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  180.627771][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  180.637332][  T424] bridge0: port 1(bridge_slave_0) entered blocking state
[  180.644457][  T424] bridge0: port 1(bridge_slave_0) entered forwarding state
[  180.652568][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  180.664237][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  180.672736][  T424] bridge0: port 2(bridge_slave_1) entered blocking state
[  180.679841][  T424] bridge0: port 2(bridge_slave_1) entered forwarding state
[  180.688589][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  180.705743][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  180.738413][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  180.815574][ T5586] device batadv_slave_1 left promiscuous mode
[  180.829923][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  181.560329][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  181.614906][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  181.647501][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  182.074888][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  182.083748][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  182.097719][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  182.143685][ T5378] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  182.271763][ T5602] wlan0 speed is unknown, defaulting to 1000
[  182.281718][ T5608] wlan0 speed is unknown, defaulting to 1000
[  182.954145][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  182.962554][  T424] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  186.907045][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  186.935068][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  186.943700][ T5641] netlink: 28 bytes leftover after parsing attributes in process `syz.2.374'.
[  187.008015][ T5378] 8021q: adding VLAN 0 to HW filter on device batadv0
[  187.055396][ T5651] device syzkaller0 entered promiscuous mode
[  188.326618][ T5670] netlink: 2 bytes leftover after parsing attributes in process `syz.1.379'.
[  189.373668][ T5676] wlan0 speed is unknown, defaulting to 1000
[  190.578852][ T1281] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  190.596325][ T1281] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  191.704067][ T5701] netlink: 44 bytes leftover after parsing attributes in process `syz.4.386'.
[  192.587779][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  192.674553][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  192.919274][ T5378] device veth0_vlan entered promiscuous mode
[  193.109417][ T5717] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  193.135712][ T5717] CIFS: Unable to determine destination address
[  193.684155][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  193.702326][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  193.718439][ T5378] device veth1_vlan entered promiscuous mode
[  194.189643][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  194.506271][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  194.571270][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  194.596083][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  194.826274][   T26] kauditd_printk_skb: 15 callbacks suppressed
[  194.826286][   T26] audit: type=1326 audit(1771943423.866:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.0.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  194.864033][ T5378] device veth0_macvtap entered promiscuous mode
[  194.902437][ T5378] device veth1_macvtap entered promiscuous mode
[  194.957433][   T26] audit: type=1326 audit(1771943423.866:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.0.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  195.044985][   T26] audit: type=1326 audit(1771943423.896:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.0.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  195.055804][ T5378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.108027][ T5378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.131830][   T26] audit: type=1326 audit(1771943423.897:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.0.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  195.143558][ T5378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.176745][ T5378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.186689][ T5378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  195.197298][ T5378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.208807][ T5378] batman_adv: batadv0: Interface activated: batadv_slave_0
[  195.214057][   T26] audit: type=1326 audit(1771943423.897:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.0.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  195.228636][ T5378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.279247][ T5378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.292067][   T26] audit: type=1326 audit(1771943423.897:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.0.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  195.305053][ T5378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.330689][   T26] audit: type=1326 audit(1771943423.897:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.0.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  195.356757][ T5378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.366603][ T5378] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.377445][   T26] audit: type=1326 audit(1771943423.897:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.0.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  195.409835][ T5378] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.425952][   T26] audit: type=1326 audit(1771943423.897:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.0.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  195.447763][ T5378] batman_adv: batadv0: Interface activated: batadv_slave_1
[  195.468166][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  195.505264][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  195.539510][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  195.558509][   T26] audit: type=1326 audit(1771943423.897:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.0.395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  195.593179][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  195.626072][ T5378] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  195.657567][ T5378] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  195.691781][ T5378] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  195.732029][ T5378] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  196.299574][ T5775] syz.0.403 (5775): drop_caches: 2
[  196.667526][ T5787] loop1: detected capacity change from 0 to 512
[  196.807230][ T5787] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  196.916127][ T5787] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  197.150209][ T5797] netlink: 'syz.0.409': attribute type 1 has an invalid length.
[  197.168971][ T5787] EXT4-fs error (device loop1): xattr_find_entry:297: inode #15: comm syz.1.406: corrupted xattr entries
[  197.240221][ T5787] EXT4-fs (loop1): 1 orphan inode deleted
[  197.292610][ T5787] EXT4-fs (loop1): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000000,min_batch_time=0x0000000000000002,debug_want_extra_isize=0x0000000000000068,nobarrier,nodiscard,journal_ioprio=0x0000000000000002,,errors=continue. Quota mode: none.
[  197.324792][ T5797] device bond3 entered promiscuous mode
[  197.330596][ T5797] 8021q: adding VLAN 0 to HW filter on device bond3
[  197.547808][ T4336] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  197.576288][ T4336] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  197.733112][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  197.930750][ T5807] bond3: (slave veth3): Enslaving as an active interface with a down link
[  198.073193][ T4444] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.082031][ T4444] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.115371][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  198.201028][ T5813] device vlan3 entered promiscuous mode
[  198.231126][ T5816] netlink: 4 bytes leftover after parsing attributes in process `syz.0.412'.
[  198.252150][ T5816] chnl_net:caif_netlink_parms(): no params data found
[  198.293608][ T5819] netlink: 4 bytes leftover after parsing attributes in process `syz.4.410'.
[  200.525638][ T5859] netlink: 'syz.0.419': attribute type 29 has an invalid length.
[  201.636617][ T5859] netlink: 'syz.0.419': attribute type 29 has an invalid length.
[  201.675887][ T5872] netlink: 12 bytes leftover after parsing attributes in process `syz.1.423'.
[  201.696242][ T5873] netlink: 'syz.0.419': attribute type 29 has an invalid length.
[  201.889299][ T5859] netlink: 'syz.0.419': attribute type 29 has an invalid length.
[  201.928574][ T5859] netlink: 'syz.0.419': attribute type 29 has an invalid length.
[  201.950848][ T5878] loop5: detected capacity change from 0 to 32768
[  201.960275][ T5859] netlink: 'syz.0.419': attribute type 29 has an invalid length.
[  202.003277][ T5859] netlink: 'syz.0.419': attribute type 29 has an invalid length.
[  202.051792][ T5878] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop5 scanned by syz.5.425 (5878)
[  202.066622][ T5859] netlink: 'syz.0.419': attribute type 29 has an invalid length.
[  202.103880][ T5887] netlink: 80 bytes leftover after parsing attributes in process `syz.2.429'.
[  202.107706][ T5878] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  202.122228][ T5878] BTRFS info (device loop5): enabling disk space caching
[  202.129359][ T5878] BTRFS info (device loop5): force clearing of disk cache
[  202.136821][ T5878] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  202.146660][ T5878] BTRFS info (device loop5): use zstd compression, level 3
[  202.153871][ T5878] BTRFS info (device loop5): disk space caching is enabled
[  202.161123][ T5878] BTRFS info (device loop5): has skinny extents
[  202.325922][    C1] Unknown status report in ack skb
[  202.568390][ T5905] netlink: 'syz.2.429': attribute type 12 has an invalid length.
[  202.583266][ T5906] IPVS: stopping master sync thread 5909 ...
[  202.590297][ T5909] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 33554436, id = 0
[  204.146779][ T5878] BTRFS info (device loop5): enabling ssd optimizations
[  204.160044][ T5878] BTRFS info (device loop5): clearing free space tree
[  204.168506][ T5878] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  204.178538][ T5878] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  205.452914][ T5952] loop1: detected capacity change from 0 to 256
[  205.560588][ T5952] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4f8593fa, utbl_chksum : 0xe619d30d)
[  205.650938][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  205.650994][   T26] audit: type=1800 audit(1771943433.990:44): pid=5952 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.438" name="file2" dev="loop1" ino=1048609 res=0 errno=0
[  210.352779][ T6013] nftables ruleset with unbound set
[  210.617461][ T6019] loop0: detected capacity change from 0 to 512
[  210.859643][ T6019] EXT4-fs (loop0): Ignoring removed bh option
[  211.297305][ T6019] EXT4-fs (loop0): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback.
[  211.360395][ T6019] ext4 filesystem being mounted at /102/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  211.682663][ T6037] delete_channel: no stack
[  212.591736][ T6048] loop1: detected capacity change from 0 to 1024
[  212.956024][ T6050] loop5: detected capacity change from 0 to 8192
[  216.358363][ T6069] kvm: pic: single mode not supported
[  216.358562][ T6069] kvm: pic: level sensitive irq not supported
[  217.204373][ T6093] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  217.311362][ T6093] IPVS: sed: FWM 3 0x00000003 - no destination available
[  218.380501][ T6108] netlink: 'syz.4.471': attribute type 9 has an invalid length.
[  218.388266][ T6108] netlink: 126588 bytes leftover after parsing attributes in process `syz.4.471'.
[  218.661849][ T6113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.473'.
[  218.690438][ T6113] chnl_net:caif_netlink_parms(): no params data found
[  225.388557][ T6190] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  225.396455][ T6190] IPv6: NLM_F_CREATE should be set when creating new route
[  227.617071][ T6203] netlink: 4 bytes leftover after parsing attributes in process `syz.1.495'.
[  228.098455][ T6192] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.106353][ T6192] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.184210][ T6233] loop5: detected capacity change from 0 to 8
[  229.256132][ T6192] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  229.296911][ T6233] SQUASHFS error: zlib decompression failed, data probably corrupt
[  229.311896][ T6192] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  229.315834][ T6233] SQUASHFS error: Failed to read block 0x9b: -5
[  229.326234][ T6233] SQUASHFS error: Unable to read metadata cache entry [99]
[  229.333901][ T6233] SQUASHFS error: Unable to read inode 0x127
[  229.539809][ T6234] loop5: detected capacity change from 0 to 1024
[  229.615364][ T6234] EXT4-fs (loop5): Ignoring removed orlov option
[  229.695452][ T6192] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.704357][ T6192] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.704492][ T6234] EXT4-fs (loop5): Test dummy encryption mode enabled
[  229.716067][ T6192] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.725879][ T6234] EXT4-fs (loop5): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  229.737321][ T6192] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  229.743490][ T6234] EXT4-fs (loop5): Invalid want_extra_isize 3548
[  229.896769][ T6192] syz.4.492 (6192) used greatest stack depth: 20400 bytes left
[  230.004287][ T6243] loop1: detected capacity change from 0 to 512
[  230.451247][ T6243] EXT4-fs (loop1): Ignoring removed bh option
[  230.798417][ T6243] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback.
[  230.915811][ T6243] ext4 filesystem being mounted at /98/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  233.441152][ T6309] loop5: detected capacity change from 0 to 512
[  233.551641][ T6309] EXT4-fs (loop5): Ignoring removed bh option
[  233.554098][ T6298] netlink: 14 bytes leftover after parsing attributes in process `syz.0.518'.
[  233.607777][ T6309] EXT4-fs (loop5): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback.
[  233.660913][ T6309] ext4 filesystem being mounted at /20/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  233.813076][ T4189] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  233.822660][ T4189] Bluetooth: hci2: Injecting HCI hardware error event
[  233.950990][ T6321] wlan0 speed is unknown, defaulting to 1000
[  234.508691][ T4186] Bluetooth: hci2: hardware error 0x00
[  235.780909][ T6321] chnl_net:caif_netlink_parms(): no params data found
[  235.899405][ T4231] Bluetooth: hci4: command 0x0409 tx timeout
[  235.975672][ T6321] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.982961][ T6321] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.991133][ T6321] device bridge_slave_0 entered promiscuous mode
[  237.805554][ T6321] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.886509][ T6321] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.944785][ T6321] device bridge_slave_1 entered promiscuous mode
[  238.323841][ T4234] Bluetooth: hci4: command 0x041b tx timeout
[  238.330810][ T6321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  238.373179][ T6321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  238.518604][ T6321] team0: Port device team_slave_0 added
[  238.541404][ T6321] team0: Port device team_slave_1 added
[  238.561097][ T6321] batman_adv: batadv0: Adding interface: batadv_slave_0
[  238.657088][ T6321] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.763783][ T6321] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  238.803100][ T6321] batman_adv: batadv0: Adding interface: batadv_slave_1
[  238.831697][ T6321] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.887843][ T6321] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.924638][ T6321] device hsr_slave_0 entered promiscuous mode
[  238.931860][ T6321] device hsr_slave_1 entered promiscuous mode
[  238.949513][ T6321] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  238.959189][ T6321] Cannot create hsr debugfs directory
[  238.970898][ T6390] netlink: 12 bytes leftover after parsing attributes in process `syz.5.534'.
[  238.991360][ T6392] bridge1: port 1(veth3) entered blocking state
[  239.021008][ T6392] bridge1: port 1(veth3) entered disabled state
[  239.038968][ T6392] device veth3 entered promiscuous mode
[  239.107719][ T6390] bridge1: port 2(veth5) entered blocking state
[  239.114081][ T6390] bridge1: port 2(veth5) entered disabled state
[  239.121458][ T6390] device veth5 entered promiscuous mode
[  239.366150][ T6321] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  239.375632][ T6321] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  239.402968][ T6321] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  239.412443][ T6321] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  240.399321][ T6321] 8021q: adding VLAN 0 to HW filter on device bond0
[  240.494073][ T4231] Bluetooth: hci4: command 0x040f tx timeout
[  240.712359][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  240.784389][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  241.010287][ T6321] 8021q: adding VLAN 0 to HW filter on device team0
[  241.237681][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  241.261331][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  241.279977][ T4229] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.287118][ T4229] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.281043][ T4261] Bluetooth: hci4: command 0x0419 tx timeout
[  243.316373][ T6425] loop0: detected capacity change from 0 to 2048
[  243.381464][ T6425] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  243.419836][ T6425] netlink: 40 bytes leftover after parsing attributes in process `syz.0.541'.
[  243.608575][ T6428] netlink: 24 bytes leftover after parsing attributes in process `syz.5.542'.
[  243.727630][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  243.736268][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  243.776764][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  243.800061][ T4229] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.807193][ T4229] bridge0: port 2(bridge_slave_1) entered forwarding state
[  243.820991][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  243.833097][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  243.862677][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  243.912539][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  243.951535][ T4229] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  244.108686][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  244.141727][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  244.242898][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  244.538892][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  244.783057][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  244.838047][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  244.888419][ T6321] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  244.954843][ T6460] netlink: 'syz.5.546': attribute type 4 has an invalid length.
[  244.981899][ T6460] netlink: 17 bytes leftover after parsing attributes in process `syz.5.546'.
[  245.946090][ T6482] lo: Caught tx_queue_len zero misconfig
[  245.962661][ T6478] device syzkaller0 entered promiscuous mode
[  246.030934][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  246.044739][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  246.087629][ T6321] 8021q: adding VLAN 0 to HW filter on device batadv0
[  246.574850][ T6495] device syzkaller0 entered promiscuous mode
[  246.987092][ T4444] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  247.000934][ T4444] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  247.020716][ T4444] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  247.029849][ T4444] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  247.040911][ T6321] device veth0_vlan entered promiscuous mode
[  247.051657][ T4444] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  247.059706][ T4444] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  247.070033][ T6321] device veth1_vlan entered promiscuous mode
[  247.135812][ T4444] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  247.144535][ T4444] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  247.152744][ T4444] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  247.163780][ T4444] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  247.175081][ T6509] netlink: 24 bytes leftover after parsing attributes in process `syz.1.555'.
[  247.929719][ T6321] device veth0_macvtap entered promiscuous mode
[  247.963651][ T6321] device veth1_macvtap entered promiscuous mode
[  248.024296][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.099921][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.130723][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.142104][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.156366][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.167555][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.183119][ T6321] batman_adv: batadv0: Interface activated: batadv_slave_0
[  248.213777][ T6529] loop0: detected capacity change from 0 to 512
[  248.252019][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.273091][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.284762][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.295359][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.303014][ T6529] EXT4-fs (loop0): Ignoring removed nobh option
[  248.324698][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.338403][ T6529] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.559: iget: bad i_size value: 38620345925642
[  248.369699][ T6529] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.559: couldn't read orphan inode 15 (err -117)
[  248.389009][ T6529] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,,errors=continue. Quota mode: writeback.
[  248.390002][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.540998][ T6321] batman_adv: batadv0: Interface activated: batadv_slave_1
[  248.592122][ T6321] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.601510][ T6321] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.616681][ T6321] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.626261][ T6321] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  249.191786][   T26] audit: type=1804 audit(1771943474.287:45): pid=6548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.559" name="/newroot/130/file1/bus" dev="loop0" ino=18 res=1 errno=0
[  249.216689][ T4440] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  249.225348][ T4440] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  249.303226][ T4440] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  249.320245][ T4440] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  249.434359][ T6555] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  250.086527][ T4400] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.138588][ T4400] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.186206][ T4317] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  250.329451][ T4317] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  252.048618][ T4317] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  252.056350][ T4440] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  252.118661][ T6580] device syzkaller0 left promiscuous mode
[  252.177543][ T6580] 0: reclassify loop, rule prio 0, protocol 800
[  252.209547][ T6587] overlayfs: failed to clone upperpath
[  252.628582][ T6581] loop0: detected capacity change from 0 to 4096
[  254.323683][ T6619] netlink: 'syz.0.578': attribute type 39 has an invalid length.
[  254.335874][ T6615] loop1: detected capacity change from 0 to 1024
[  254.399855][ T6618] device syzkaller0 entered promiscuous mode
[  254.406675][ T6615] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  254.456286][ T6615] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  254.521723][ T6615] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  254.545264][ T6615] EXT4-fs error (device loop1): ext4_get_journal_inode:5185: inode #17: comm syz.1.576: iget: bad i_size value: 4398046511204
[  254.616815][ T6615] EXT4-fs (loop1): no journal found
[  254.665228][ T6625] device syzkaller0 entered promiscuous mode
[  254.838553][ T6631] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  258.573978][ T6661] netlink: 8 bytes leftover after parsing attributes in process `syz.5.583'.
[  259.182086][ T6661] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -4
[  259.191383][ T6661] platform regulatory.0: Direct firmware load for regulatory.db failed with error -4
[  259.200916][ T6661] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  259.213547][ T6661] syz.5.583 (6661) used greatest stack depth: 18192 bytes left
[  259.234030][   T26] audit: type=1800 audit(1771943484.071:46): pid=6661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.583" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  260.655047][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  260.661392][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  261.016719][ T6688] netlink: 20 bytes leftover after parsing attributes in process `syz.6.592'.
[  265.407040][ T6730] tipc: Started in network mode
[  265.549167][ T6730] tipc: Node identity 1eec88f45469, cluster identity 4711
[  265.563893][ T6730] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  265.574186][ T6733] device syzkaller0 entered promiscuous mode
[  265.607798][ T6730] device syzkaller0 entered promiscuous mode
[  266.603334][ T6747] tipc: Resetting bearer <eth:syzkaller0>
[  266.924019][ T6729] tipc: Resetting bearer <eth:syzkaller0>
[  266.943135][ T6729] tipc: Disabling bearer <eth:syzkaller0>
[  267.443213][ T1108] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  267.627564][ T4233] tipc: Node number set to 1250265332
[  267.924269][ T1108] usb 2-1: Using ep0 maxpacket: 8
[  268.104266][ T6789] o2cb: This node has not been configured.
[  268.110653][ T6789] o2cb: Cluster check failed. Fix errors before retrying.
[  268.118094][ T6789] (syz.6.613,6789,1):user_dlm_register:675 ERROR: status = -22
[  268.125759][ T6789] (syz.6.613,6789,1):dlmfs_mkdir:430 ERROR: Error -22 could not register domain "file0"
[  269.587475][ T6799] device syzkaller0 entered promiscuous mode
[  269.626718][ T6802] netlink: 44 bytes leftover after parsing attributes in process `syz.4.616'.
[  269.828161][ T1108] usb 2-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.08
[  269.866798][ T1108] usb 2-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  269.886031][ T1108] usb 2-1: Manufacturer: syz
[  270.050065][ T1108] usb 2-1: config 0 descriptor??
[  270.195032][ T1108] go7007: probe of 2-1:0.0 failed with error -12
[  270.366437][ T1108] usb 2-1: USB disconnect, device number 4
[  272.027834][ T6846] device syzkaller0 entered promiscuous mode
[  274.809885][ T6863] loop6: detected capacity change from 0 to 1024
[  275.247336][ T6863] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  276.282656][ T6863] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  276.361537][ T6863] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  276.416697][ T6863] EXT4-fs error (device loop6): ext4_get_journal_inode:5185: inode #17: comm syz.6.632: iget: bad i_size value: 4398046511204
[  276.471416][ T6863] EXT4-fs (loop6): no journal found
[  278.285126][ T6904] netlink: 28 bytes leftover after parsing attributes in process `syz.1.641'.
[  278.517034][ T6904] netlink: 28 bytes leftover after parsing attributes in process `syz.1.641'.
[  278.550459][ T6904] 0: reclassify loop, rule prio 0, protocol 800
[  291.386809][ T6997] netlink: 12 bytes leftover after parsing attributes in process `syz.0.662'.
[  293.290459][ T7026] device syzkaller0 entered promiscuous mode
[  293.300124][ T7026] 0: reclassify loop, rule prio 0, protocol 800
[  294.741383][ T7030] xt_TCPMSS: Only works on TCP SYN packets
[  295.339581][ T7028] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -4
[  295.349112][ T7028] platform regulatory.0: Direct firmware load for regulatory.db failed with error -4
[  295.358835][ T7028] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  295.382642][   T26] audit: type=1800 audit(1771943517.886:47): pid=7028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.669" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  299.678730][ T7073] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.677'.
[  301.975022][ T7089] loop1: detected capacity change from 0 to 1024
[  304.142176][ T7117] device syzkaller0 entered promiscuous mode
[  304.157080][ T4419] hfsplus: b-tree write err: -5, ino 4
[  305.024532][ T7130] netlink: 'syz.4.703': attribute type 1 has an invalid length.
[  305.678748][ T7133] bond2: (slave bridge1): Enslaving as a backup interface with an up link
[  306.015160][ T7139] loop5: detected capacity change from 0 to 32768
[  306.201821][ T7139] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop5 scanned by syz.5.695 (7139)
[  306.599094][ T7139] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  306.608599][ T7139] BTRFS info (device loop5): enabling disk space caching
[  306.615684][ T7139] BTRFS info (device loop5): force clearing of disk cache
[  306.623012][ T7139] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  306.632601][ T7139] BTRFS info (device loop5): use zstd compression, level 3
[  306.639857][ T7139] BTRFS info (device loop5): disk space caching is enabled
[  306.647110][ T7139] BTRFS info (device loop5): has skinny extents
[  306.792152][ T7155] batman_adv: batadv0: Adding interface: gretap1
[  306.798660][ T7155] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.824606][ T7155] batman_adv: batadv0: Interface activated: gretap1
[  306.988912][ T7151] delete_channel: no stack
[  307.259317][ T7139] BTRFS info (device loop5): enabling ssd optimizations
[  307.268304][ T7139] BTRFS info (device loop5): clearing free space tree
[  307.275311][ T7139] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  307.284991][ T7139] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  307.718417][ T7174] netlink: 12 bytes leftover after parsing attributes in process `syz.0.700'.
[  307.746155][ T7174] bridge1: port 1(veth5) entered blocking state
[  307.753801][ T7174] bridge1: port 1(veth5) entered disabled state
[  307.763843][ T7174] device veth5 entered promiscuous mode
[  307.886481][ T7174] bridge1: port 2(veth0_to_bond) entered blocking state
[  307.893487][ T7174] bridge1: port 2(veth0_to_bond) entered disabled state
[  308.881827][   T26] audit: type=1804 audit(1771943529.831:48): pid=7182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.695" name="/newroot/57/file1/bus" dev="loop5" ino=263 res=1 errno=0
[  308.934370][ T7174] device veth0_to_bond entered promiscuous mode
[  309.018601][ T4229] bond1: (slave vlan3): link status definitely down, disabling slave
[  309.035489][ T4229] bond1: now running without any active interface!
[  309.104780][ T7179] bridge1: port 3(veth7) entered blocking state
[  309.111363][ T7179] bridge1: port 3(veth7) entered disabled state
[  309.127118][ T7179] device veth7 entered promiscuous mode
[  314.082552][ T7252] netlink: 8 bytes leftover after parsing attributes in process `syz.5.716'.
[  315.507380][ T7274] loop1: detected capacity change from 0 to 512
[  315.529980][ T7276] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  315.558114][ T7274] EXT4-fs (loop1): 1 truncate cleaned up
[  315.564607][ T7274] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsddf,,errors=continue. Quota mode: none.
[  315.610400][   T26] audit: type=1800 audit(1771943536.846:49): pid=7274 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.724" name="file1" dev="loop1" ino=13 res=0 errno=0
[  315.638997][ T7274] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.724: bg 0: block 465: padding at end of block bitmap is not set
[  315.657884][ T7274] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6194: Corrupt filesystem
[  315.667778][ T7285] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  317.017656][ T7304] netlink: 8 bytes leftover after parsing attributes in process `syz.4.731'.
[  318.595286][ T7323] loop6: detected capacity change from 0 to 512
[  319.080322][ T7323] EXT4-fs (loop6): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  319.103046][ T7323] ext4 filesystem being mounted at /30/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  319.968473][ T7328] device syzkaller0 entered promiscuous mode
[  321.013962][ T7197] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  321.091896][ T7334] netlink: 28 bytes leftover after parsing attributes in process `syz.0.740'.
[  321.133084][ T7334] netlink: 28 bytes leftover after parsing attributes in process `syz.0.740'.
[  321.170912][ T7328] 0: reclassify loop, rule prio 0, protocol 800
[  321.471273][ T7197] usb 2-1: Using ep0 maxpacket: 16
[  321.787767][ T7197] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  321.797633][ T7197] usb 2-1: config 0 has no interface number 0
[  322.713677][ T7197] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  322.725158][ T7197] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.733382][ T7197] usb 2-1: Product: syz
[  322.738447][ T7197] usb 2-1: Manufacturer: syz
[  322.743053][ T7197] usb 2-1: SerialNumber: syz
[  322.751487][ T7197] usb 2-1: config 0 descriptor??
[  322.866103][ T7208] libceph: connect (1)[c::]:6789 error -101
[  322.880587][ T7208] libceph: mon0 (1)[c::]:6789 connect error
[  322.906188][ T7197] usb 2-1: can't set config #0, error -71
[  322.913086][ T7197] usb 2-1: USB disconnect, device number 5
[  322.998669][ T7367] ceph: No mds server is up or the cluster is laggy
[  323.137278][ T7208] libceph: connect (1)[c::]:6789 error -101
[  323.143612][ T7208] libceph: mon0 (1)[c::]:6789 connect error
[  323.577238][ T7381] netlink: 277 bytes leftover after parsing attributes in process `syz.1.754'.
[  323.956268][ T5980] libceph: connect (1)[c::]:6789 error -101
[  323.962365][ T5980] libceph: mon0 (1)[c::]:6789 connect error
[  324.020275][ T7384] loop6: detected capacity change from 0 to 2048
[  324.061563][ T7386] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  324.091940][ T7386] device syzkaller0 entered promiscuous mode
[  324.194537][ T7386] tipc: Resetting bearer <eth:syzkaller0>
[  324.264155][ T7385] tipc: Resetting bearer <eth:syzkaller0>
[  324.484955][ T7385] tipc: Disabling bearer <eth:syzkaller0>
[  324.674431][ T7384] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  326.701813][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  326.708383][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  327.819738][ T7424] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  328.579096][ T7435] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  329.293836][ T7447] loop5: detected capacity change from 0 to 16
[  330.176544][ T7447] erofs: (device loop5): erofs_read_inode: unsupported datalayout 6 of nid 36
[  330.294258][ T7455] netlink: 'syz.6.773': attribute type 1 has an invalid length.
[  330.362349][ T7457] device syzkaller0 entered promiscuous mode
[  330.453212][ T7455] bond1: (slave bridge1): Enslaving as a backup interface with an up link
[  330.681155][ T7455] bond1: (slave bridge2): Enslaving as a backup interface with a down link
[  330.718279][ T7461] netlink: 28 bytes leftover after parsing attributes in process `syz.6.773'.
[  330.739955][ T4300] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  330.800221][ T7461] 8021q: adding VLAN 0 to HW filter on device bond1
[  330.819101][ T4336] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  330.926967][ T4300] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  331.025746][ T7471] loop0: detected capacity change from 0 to 512
[  331.273571][ T7471] EXT4-fs (loop0): Ignoring removed bh option
[  332.704140][ T7471] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  332.807725][ T7471] EXT4-fs error (device loop0): ext4_iget_extra_inode:4566: inode #15: comm syz.0.779: corrupted in-inode xattr
[  332.852965][ T7471] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.779: couldn't read orphan inode 15 (err -117)
[  332.908881][ T7471] EXT4-fs (loop0): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000002,grpid,bh,grpid,noauto_da_alloc,max_dir_size_kb=0x0000000000000005,init_itable=0x0000000000000009,init_itable,usrjquota=,nolazytime,norecovery,,errors=continue. Quota mode: none.
[  332.934690][    C0] vkms_vblank_simulate: vblank timer overrun
[  333.366676][ T7495] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  333.373702][ T7495] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  333.499972][ T7495] vhci_hcd vhci_hcd.0: Device attached
[  333.978482][ T7496] vhci_hcd: connection closed
[  334.015546][ T6053] vhci_hcd: stop threads
[  334.141277][ T6053] vhci_hcd: release socket
[  334.181725][ T6053] vhci_hcd: disconnect device
[  334.195318][ T7201] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  335.444015][ T7515] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.788'.
[  335.751777][ T7515] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  336.878873][ T7521] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  339.829295][ T7201] vhci_hcd: vhci_device speed not set
[  340.076714][ T7542] loop0: detected capacity change from 0 to 8
[  340.770723][ T7546] netlink: 8 bytes leftover after parsing attributes in process `syz.6.797'.
[  343.829111][ T7555] IPVS: set_ctl: invalid protocol: 50 224.0.0.1:20001
[  344.214373][ T7569] device syzkaller0 entered promiscuous mode
[  344.296005][ T7572] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  344.307499][ T7569] 0: reclassify loop, rule prio 0, protocol 800
[  344.403268][ T7575] netlink: 44 bytes leftover after parsing attributes in process `syz.5.806'.
[  345.200307][ T7582] netlink: 'syz.4.808': attribute type 2 has an invalid length.
[  345.217765][ T7582] netlink: 'syz.4.808': attribute type 1 has an invalid length.
[  345.516779][ T7595] netlink: 'syz.0.812': attribute type 5 has an invalid length.
[  345.613845][ T7597] dlm: no local IP address has been set
[  345.619824][ T7597] dlm: cannot start dlm midcomms -107
[  345.846001][ T7595] netlink: 28 bytes leftover after parsing attributes in process `syz.0.812'.
[  346.058656][ T7595] netlink: 'syz.0.812': attribute type 10 has an invalid length.
[  346.143725][ T7595] bridge0: port 2(bridge_slave_1) entered disabled state
[  346.150999][ T7595] bridge0: port 1(bridge_slave_0) entered disabled state
[  346.204080][ T7595] bridge0: port 2(bridge_slave_1) entered blocking state
[  346.211225][ T7595] bridge0: port 2(bridge_slave_1) entered forwarding state
[  346.218666][ T7595] bridge0: port 1(bridge_slave_0) entered blocking state
[  346.225793][ T7595] bridge0: port 1(bridge_slave_0) entered forwarding state
[  346.340350][ T7595] device bridge0 entered promiscuous mode
[  346.383161][ T7600] mmap: syz.1.813 (7600): VmData 175874048 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  346.403847][ T7595] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  346.450152][ T7600] netlink: 56 bytes leftover after parsing attributes in process `syz.1.813'.
[  349.185584][ T7620] loop1: detected capacity change from 0 to 2048
[  349.261997][ T5656] Dev loop1: unable to read partition block 23055453
[  349.284111][ T7623] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  349.291310][ T5656]  loop1: RDSK (1311599104) unable to read partition table
[  349.298642][ T5656] loop1: partition table beyond EOD, truncated
[  349.313894][ T7623] device syzkaller0 entered promiscuous mode
[  349.330494][ T7620] Dev loop1: unable to read partition block 23055453
[  349.346116][ T7623] netlink: 44 bytes leftover after parsing attributes in process `syz.0.820'.
[  349.352789][ T7620]  loop1: RDSK (1311599104) unable to read partition table
[  349.403993][ T7623] tipc: Resetting bearer <eth:syzkaller0>
[  349.420079][ T7620] loop1: partition table beyond EOD, truncated
[  349.437657][ T7622] tipc: Resetting bearer <eth:syzkaller0>
[  349.469960][ T7622] tipc: Disabling bearer <eth:syzkaller0>
[  349.476078][ T7620] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[  349.799985][ T7631] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.808648][ T7631] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.970414][ T7661] loop0: detected capacity change from 0 to 512
[  352.729820][ T7661] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  352.741741][ T7661] ext4 filesystem being mounted at /184/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.441404][ T7695] device syzkaller0 entered promiscuous mode
[  361.855368][ T7742] netlink: 84 bytes leftover after parsing attributes in process `syz.1.849'.
[  361.995524][ T7743] netlink: 'syz.1.849': attribute type 1 has an invalid length.
[  362.387679][ T7747] device syzkaller0 entered promiscuous mode
[  362.403223][ T7747] 0: reclassify loop, rule prio 0, protocol 700
[  366.294675][ T5093] Bluetooth: hci4: command 0x0406 tx timeout
[  366.626135][ T7781] netlink: 'syz.1.862': attribute type 2 has an invalid length.
[  367.238841][ T7792] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.863'.
[  367.250870][ T7792] sysfs: cannot create duplicate filename '/class/ieee80211/!!ô'
[  367.258884][ T7792] CPU: 1 PID: 7792 Comm: syz.0.863 Not tainted syzkaller #0
[  367.266179][ T7792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  367.276245][ T7792] Call Trace:
[  367.279511][ T7792]  <TASK>
[  367.282422][ T7792]  dump_stack_lvl+0x188/0x250
[  367.287087][ T7792]  ? show_regs_print_info+0x20/0x20
[  367.292263][ T7792]  ? load_image+0x400/0x400
[  367.296749][ T7792]  sysfs_warn_dup+0x8a/0xa0
[  367.301229][ T7792]  sysfs_do_create_link_sd+0xc0/0x110
[  367.306579][ T7792]  device_add+0x7ed/0xfb0
[  367.310894][ T7792]  wiphy_register+0x1e81/0x2c30
[  367.315730][ T7792]  ? cfg80211_event_work+0x40/0x40
[  367.320819][ T7792]  ? minstrel_ht_alloc+0x808/0x980
[  367.325914][ T7792]  ? ieee80211_init_rate_ctrl_alg+0x55e/0x5e0
[  367.331965][ T7792]  ieee80211_register_hw+0x2aa1/0x3af0
[  367.337401][ T7792]  ? lockdep_hardirqs_on+0x94/0x140
[  367.342591][ T7792]  ? ieee80211_tasklet_handler+0x20/0x20
[  367.348199][ T7792]  ? rcu_is_watching+0x11/0xa0
[  367.352939][ T7792]  ? memset+0x1e/0x40
[  367.356901][ T7792]  ? hrtimer_init+0x10c/0x220
[  367.361562][ T7792]  mac80211_hwsim_new_radio+0x20d3/0x4080
[  367.367272][ T7792]  hwsim_new_radio_nl+0xa6f/0xc40
[  367.372333][ T7792]  genl_rcv_msg+0xcea/0xf90
[  367.376830][ T7792]  ? genl_bind+0x380/0x380
[  367.381253][ T7792]  ? __dev_queue_xmit+0x1c51/0x2fd0
[  367.386458][ T7792]  ? verify_lock_unused+0x140/0x140
[  367.391674][ T7792]  ? kmalloc_large_node+0xf2/0x190
[  367.396789][ T7792]  ? dev_queue_xmit+0x20/0x20
[  367.401460][ T7792]  ? hwsim_tx_info_frame_received_nl+0x1020/0x1020
[  367.407954][ T7792]  netlink_rcv_skb+0x1f5/0x440
[  367.412704][ T7792]  ? genl_bind+0x380/0x380
[  367.417185][ T7792]  ? netlink_ack+0xb50/0xb50
[  367.421751][ T7792]  ? __lock_acquire+0x7d10/0x7d10
[  367.426758][ T7792]  ? down_read+0x1aa/0x2e0
[  367.431152][ T7792]  genl_rcv+0x24/0x40
[  367.435124][ T7792]  netlink_unicast+0x774/0x920
[  367.439871][ T7792]  netlink_sendmsg+0x8ba/0xbe0
[  367.444616][ T7792]  ? netlink_getsockopt+0x570/0x570
[  367.449792][ T7792]  ? aa_sock_msg_perm+0x94/0x150
[  367.454711][ T7792]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  367.459972][ T7792]  ? security_socket_sendmsg+0x7c/0xa0
[  367.465405][ T7792]  ? netlink_getsockopt+0x570/0x570
[  367.470587][ T7792]  ____sys_sendmsg+0x5b7/0x8f0
[  367.475334][ T7792]  ? __sys_sendmsg_sock+0x30/0x30
[  367.480338][ T7792]  ? import_iovec+0x6f/0xa0
[  367.484820][ T7792]  ___sys_sendmsg+0x236/0x2e0
[  367.489483][ T7792]  ? __sys_sendmsg+0x2a0/0x2a0
[  367.494246][ T7792]  __se_sys_sendmsg+0x1af/0x290
[  367.499074][ T7792]  ? __x64_sys_sendmsg+0x80/0x80
[  367.503994][ T7792]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  367.509961][ T7792]  ? lockdep_hardirqs_on+0x94/0x140
[  367.515138][ T7792]  do_syscall_64+0x4c/0xa0
[  367.519530][ T7792]  ? clear_bhb_loop+0x30/0x80
[  367.524183][ T7792]  ? clear_bhb_loop+0x30/0x80
[  367.528834][ T7792]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  367.534713][ T7792] RIP: 0033:0x7f1c20e78629
[  367.539115][ T7792] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  367.558701][ T7792] RSP: 002b:00007f1c1f0b1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.567117][ T7792] RAX: ffffffffffffffda RBX: 00007f1c210f2090 RCX: 00007f1c20e78629
[  367.575064][ T7792] RDX: 0000000000000e00 RSI: 0000200000000000 RDI: 0000000000000003
[  367.583013][ T7792] RBP: 00007f1c20f0eb39 R08: 0000000000000000 R09: 0000000000000000
[  367.590962][ T7792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  367.598908][ T7792] R13: 00007f1c210f2128 R14: 00007f1c210f2090 R15: 00007ffc195eeda8
[  367.606868][ T7792]  </TASK>
[  369.936456][ T7816] device syzkaller0 entered promiscuous mode
[  371.949301][ T7827] netlink: 8 bytes leftover after parsing attributes in process `syz.6.872'.
[  371.958697][ T7829] netlink: 'syz.1.873': attribute type 21 has an invalid length.
[  375.490839][ T7879] netlink: 209852 bytes leftover after parsing attributes in process `syz.6.881'.
[  375.530858][ T7879] debugfs: Directory '!!ô' with parent 'ieee80211' already present!
[  379.015234][ T7916] netlink: 16 bytes leftover after parsing attributes in process `syz.0.896'.
[  379.550643][ T7926] netlink: 48 bytes leftover after parsing attributes in process `syz.6.898'.
[  381.104766][ T7937] loop0: detected capacity change from 0 to 40427
[  381.546267][ T7937] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  381.554329][ T7937] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  381.583545][ T7937] F2FS-fs (loop0): invalid crc value
[  381.657160][ T7937] F2FS-fs (loop0): Found nat_bits in checkpoint
[  381.752421][ T7937] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  381.759588][ T7937] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  381.832675][ T4189] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  382.955307][ T4189] usb 7-1: Using ep0 maxpacket: 32
[  383.094818][ T4189] usb 7-1: config index 0 descriptor too short (expected 35577, got 27)
[  383.153358][ T4189] usb 7-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  383.420996][ T4189] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 92
[  383.598331][ T4189] usb 7-1: config 1 has no interface number 0
[  383.757301][ T4189] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  383.768999][ T4189] usb 7-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  383.782784][ T4189] usb 7-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  383.798284][ T4189] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.958319][ T7958] device bridge2 entered promiscuous mode
[  385.264538][ T4189] usb 7-1: can't set config #1, error -71
[  385.286849][ T4189] usb 7-1: USB disconnect, device number 2
[  391.297656][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  391.303972][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  392.185253][ T8035] ptrace attach of ""[4193] was attempted by ""[8035]
[  396.610630][ T8075] netlink: 64985 bytes leftover after parsing attributes in process `syz.0.929'.
[  396.648747][ T8070] loop6: detected capacity change from 0 to 8192
[  399.308818][ T8100] netlink: 48 bytes leftover after parsing attributes in process `syz.4.941'.
[  400.272041][ T8105] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  400.309841][ T8105] VFS: Can't find a romfs filesystem on dev nullb0.
[  400.309841][ T8105] 
[  401.207960][ T8109] netlink: 4 bytes leftover after parsing attributes in process `syz.0.944'.
[  401.854295][ T8120] netlink: 64985 bytes leftover after parsing attributes in process `syz.6.948'.
[  403.007755][ T8146] team0 (unregistering): Port device team_slave_0 removed
[  403.072409][ T8146] team0 (unregistering): Port device team_slave_1 removed
[  403.109684][ T8151] delete_channel: no stack
[  407.434737][ T8196] loop0: detected capacity change from 0 to 1024
[  408.354051][ T8196] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  408.540172][ T8196] EXT4-fs (loop0): orphan cleanup on readonly fs
[  408.607337][ T8196] EXT4-fs error (device loop0): ext4_free_blocks:6234: comm syz.0.967: Freeing blocks not in datazone - block = 0, count = 4096
[  408.832521][ T8196] EXT4-fs (loop0): 1 orphan inode deleted
[  408.848217][ T8196] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  409.639848][ T8219] loop6: detected capacity change from 0 to 256
[  409.707791][ T8219] FAT-fs (loop6): Directory bread(block 1285) failed
[  409.723610][ T8219] FAT-fs (loop6): Directory bread(block 1286) failed
[  409.751035][ T8219] FAT-fs (loop6): Directory bread(block 1287) failed
[  409.771023][ T8219] FAT-fs (loop6): Directory bread(block 1288) failed
[  409.927062][ T8219] FAT-fs (loop6): Directory bread(block 1285) failed
[  409.969329][ T8219] FAT-fs (loop6): Directory bread(block 1286) failed
[  409.990908][ T8219] FAT-fs (loop6): Directory bread(block 1287) failed
[  410.044819][ T8219] FAT-fs (loop6): Directory bread(block 1288) failed
[  410.096194][ T8219] FAT-fs (loop6): FAT read failed (blocknr 1281)
[  410.551360][ T8227] ipt_REJECT: ECHOREPLY no longer supported.
[  411.190776][ T8236] loop6: detected capacity change from 0 to 512
[  411.289362][ T8236] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  411.310738][ T8236] EXT4-fs (loop6): inline encryption not supported
[  411.415827][ T8237] loop0: detected capacity change from 0 to 32768
[  411.435479][ T8236] EXT4-fs (loop6): Test dummy encryption mode enabled
[  411.447850][ T8236] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  411.469102][ T8236] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  411.527184][ T8236] EXT4-fs (loop6): 1 truncate cleaned up
[  411.544355][ T8236] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none.
[  412.565766][ T8237] XFS (loop0): Mounting V5 Filesystem
[  412.705080][ T8237] XFS (loop0): Ending clean mount
[  412.719455][ T8237] XFS (loop0): Quotacheck needed: Please wait.
[  413.062795][ T8263] overlayfs: failed to resolve './file1': -2
[  414.058911][ T8237] XFS (loop0): Quotacheck: Done.
[  415.473935][ T4184] XFS (loop0): Unmounting Filesystem
[  417.185378][ T8304] ptrace attach of "./syz-executor exec"[4185] was attempted by ""[8304]
[  417.199388][ T8304] IPVS: Error connecting to the multicast addr
[  418.131338][ T8312] device syzkaller0 entered promiscuous mode
[  419.883866][ T8332] device syzkaller0 left promiscuous mode
[  422.160103][ T8337] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1000'.
[  422.541480][ T8359] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  422.549731][ T8359] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  424.160754][ T8359] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  424.190023][ T8364] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  426.817622][ T8393] netlink: 'syz.6.1014': attribute type 10 has an invalid length.
[  426.851640][ T8393] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  432.334878][ T8448] netlink: 'syz.0.1029': attribute type 8 has an invalid length.
[  432.342661][ T8448] netlink: 161700 bytes leftover after parsing attributes in process `syz.0.1029'.
[  432.571296][ T8457] futex_wake_op: syz.0.1032 tries to shift op by 32; fix this program
[  432.846299][ T8466] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  435.272677][ T8482] overlayfs: failed to clone upperpath
[  435.984001][ T8489] loop0: detected capacity change from 0 to 256
[  438.291573][ T8505] device syzkaller0 entered promiscuous mode
[  439.570493][ T8508] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -4
[  439.579840][ T8508] platform regulatory.0: Direct firmware load for regulatory.db failed with error -4
[  439.589430][ T8508] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  439.637978][ T8516] loop0: detected capacity change from 0 to 256
[  439.644912][   T26] audit: type=1800 audit(1771943908.801:50): pid=8508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1044" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  439.836087][ T8512] netlink: zone id is out of range
[  439.844997][ T8512] netlink: zone id is out of range
[  439.850440][ T8512] netlink: zone id is out of range
[  439.894228][ T8512] netlink: zone id is out of range
[  439.903843][ T8512] netlink: zone id is out of range
[  440.590658][ T8512] netlink: zone id is out of range
[  440.595947][ T8512] netlink: zone id is out of range
[  440.606949][ T8512] netlink: zone id is out of range
[  440.612764][ T8512] netlink: zone id is out of range
[  440.618070][ T8512] netlink: zone id is out of range
[  442.573891][ T8542] overlayfs: failed to clone upperpath
[  443.171316][ T8546] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  443.952459][ T8563] overlayfs: failed to clone upperpath
[  446.257439][ T8587] loop0: detected capacity change from 0 to 8
[  448.468889][ T8611] xt_l2tp: v2 tid > 0xffff: 37482740
[  456.059433][ T8697] loop0: detected capacity change from 0 to 65536
[  456.470216][ T8705] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1092'.
[  457.079738][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  457.086079][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  457.537581][ T8720] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1095'.
[  457.713667][ T8697] XFS (loop0): Mounting V5 Filesystem
[  458.729766][ T8697] XFS (loop0): Ending clean mount
[  460.505279][ T4184] XFS (loop0): Unmounting Filesystem
[  460.699461][ T8720] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1095'.
[  461.432899][ T2387] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  463.482316][ T2387] usb 7-1: device descriptor read/64, error -71
[  463.504339][   T26] audit: type=1326 audit(1771943931.186:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8772 comm="syz.4.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99e1b40629 code=0x7ffc0000
[  463.721919][   T26] audit: type=1326 audit(1771943931.214:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8772 comm="syz.4.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99e1b40629 code=0x7ffc0000
[  463.776120][   T26] audit: type=1326 audit(1771943931.223:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8772 comm="syz.4.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f99e1b40629 code=0x7ffc0000
[  464.959942][ T2387] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  465.048667][   T26] audit: type=1326 audit(1771943931.223:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8772 comm="syz.4.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99e1b40629 code=0x7ffc0000
[  465.070871][    C1] vkms_vblank_simulate: vblank timer overrun
[  465.190438][   T26] audit: type=1326 audit(1771943931.223:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8772 comm="syz.4.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99e1b40629 code=0x7ffc0000
[  465.212604][    C1] vkms_vblank_simulate: vblank timer overrun
[  465.916975][ T2387] usb 7-1: device descriptor read/64, error -71
[  466.295291][ T2387] usb usb7-port1: attempt power cycle
[  466.796459][   T26] audit: type=1326 audit(1771943931.223:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8772 comm="syz.4.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f99e1b00ece code=0x7ffc0000
[  466.806817][ T8819] net_ratelimit: 99 callbacks suppressed
[  466.806834][ T8819] netlink: zone id is out of range
[  466.863965][ T8819] netlink: zone id is out of range
[  466.894168][   T26] audit: type=1326 audit(1771943931.223:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8772 comm="syz.4.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99e1b40629 code=0x7ffc0000
[  466.905761][ T8827] device syzkaller0 entered promiscuous mode
[  467.321583][ T8819] netlink: zone id is out of range
[  467.754302][   T26] audit: type=1326 audit(1771943931.223:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8772 comm="syz.4.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99e1b40629 code=0x7ffc0000
[  467.795847][ T8819] netlink: zone id is out of range
[  467.801040][ T8819] netlink: zone id is out of range
[  467.806158][ T8819] netlink: zone id is out of range
[  467.892219][ T8819] netlink: zone id is out of range
[  467.897374][ T8819] netlink: zone id is out of range
[  467.902506][ T8819] netlink: zone id is out of range
[  467.904587][   T26] audit: type=1326 audit(1771943931.232:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8772 comm="syz.4.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f99e1b40629 code=0x7ffc0000
[  467.922693][ T8819] netlink: zone id is out of range
[  467.940327][   T26] audit: type=1326 audit(1771943931.232:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8772 comm="syz.4.1109" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99e1b40629 code=0x7ffc0000
[  471.610272][ T8870] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  472.294037][ T8896] IPv6: ADDRCONF(NETDEV_CHANGE): rose0: link becomes ready
[  473.532856][ T8905] loop0: detected capacity change from 0 to 1024
[  473.589476][ T8905] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  473.615126][ T8905] EXT4-fs (loop0): orphan cleanup on readonly fs
[  473.633175][ T8905] EXT4-fs error (device loop0): ext4_free_blocks:6234: comm syz.0.1139: Freeing blocks not in datazone - block = 0, count = 4096
[  474.010389][ T8905] EXT4-fs (loop0): 1 orphan inode deleted
[  474.016152][ T8905] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  475.193554][   T26] kauditd_printk_skb: 19 callbacks suppressed
[  475.193568][   T26] audit: type=1326 audit(1771943942.120:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8924 comm="syz.5.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  476.294897][ T8934] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1143'.
[  477.219352][   T26] audit: type=1326 audit(1771943942.120:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8924 comm="syz.5.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  477.284986][   T26] audit: type=1326 audit(1771943944.019:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8924 comm="syz.5.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  477.662304][   T26] audit: type=1326 audit(1771943944.019:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8924 comm="syz.5.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  477.700031][   T26] audit: type=1326 audit(1771943944.019:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8924 comm="syz.5.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  477.749548][   T26] audit: type=1326 audit(1771943944.019:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8924 comm="syz.5.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  478.569113][   T26] audit: type=1326 audit(1771943944.047:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8924 comm="syz.5.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  478.829641][   T26] audit: type=1326 audit(1771943944.066:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8924 comm="syz.5.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  478.893136][   T26] audit: type=1326 audit(1771943944.066:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.5.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7ff94d05bece code=0x7ffc0000
[  479.107387][   T26] audit: type=1326 audit(1771943944.459:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8939 comm="syz.5.1144" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  479.210105][ T8957] loop6: detected capacity change from 0 to 512
[  481.612673][ T2387] usb 7-1: new full-speed USB device number 6 using dummy_hcd
[  482.694955][ T2387] usb 7-1: device descriptor read/64, error -71
[  482.759947][ T8984] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1157'.
[  483.055875][ T8987] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1157'.
[  487.516731][ T9041] loop0: detected capacity change from 0 to 512
[  487.722416][ T9041] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  487.831541][ T9052] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  488.263703][ T9054] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1175'.
[  488.447724][ T9060] netlink: 'syz.5.1176': attribute type 13 has an invalid length.
[  489.619448][ T9081] loop6: detected capacity change from 0 to 512
[  489.797215][ T9081] EXT4-fs error (device loop6): ext4_orphan_get:1400: inode #15: comm syz.6.1179: inode has both inline data and extents flags
[  489.812265][ T9081] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.1179: couldn't read orphan inode 15 (err -117)
[  489.830418][ T9081] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  491.199726][ T9092] overlayfs: failed to clone upperpath
[  492.521071][ T9060] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  492.627023][ T9060] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  493.920545][ T9060] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  493.936269][ T9060] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  493.949696][ T9060] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  493.961122][ T9060] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  494.452038][ T9069] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1178'.
[  496.349462][ T9135] loop6: detected capacity change from 0 to 128
[  497.062923][ T9142] loop0: detected capacity change from 0 to 1024
[  497.338715][ T9134] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1193'.
[  498.110588][ T9135] EXT4-fs: failed to create workqueue
[  498.116562][ T9135] EXT4-fs (loop6): mount failed
[  499.294403][ T9160] loop6: detected capacity change from 0 to 1024
[  500.241262][ T9160] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  500.251595][ T9169] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1201'.
[  500.278118][ T9160] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e015c01c, mo2=0042]
[  500.295672][ T9160] System zones: 0-1, 3-36
[  500.313268][ T9160] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpquota,nobarrier,dax=inode,debug,dioread_lock,bsddf,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  500.929215][ T9173] device wg1 entered promiscuous mode
[  509.236379][ T9245] netlink: 'syz.4.1220': attribute type 4 has an invalid length.
[  511.005452][ T9259] fuse: Bad value for 'fd'
[  514.688511][ T9296] loop6: detected capacity change from 0 to 512
[  515.027824][ T9296] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  515.052784][ T9296] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  515.990361][ T9315] netlink: 'syz.0.1238': attribute type 1 has an invalid length.
[  516.251387][ T9317] bridge4: the hash_elasticity option has been deprecated and is always 16
[  516.702789][ T9318] bond4: (slave vxcan1): The slave device specified does not support setting the MAC address
[  516.736803][ T9318] bond4: (slave vxcan1): Error -22 calling dev_set_mtu
[  516.806422][ T9315] bond4: (slave gretap1): making interface the new active one
[  516.828051][ T9315] bond4: (slave gretap1): Enslaving as an active interface with an up link
[  517.403611][ T9319] device macvlan2 entered promiscuous mode
[  517.719728][ T9319] device bond4 entered promiscuous mode
[  517.835092][ T9319] device gretap1 entered promiscuous mode
[  517.874513][ T9319] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  517.992026][ T9319] bond4: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  518.053768][ T9319] device bond4 left promiscuous mode
[  518.059104][ T9319] device gretap1 left promiscuous mode
[  519.399752][ T9353] xt_cgroup: path and classid specified
[  520.461436][ T9358] loop0: detected capacity change from 0 to 8192
[  520.657714][ T9371] capability: warning: `syz.4.1250' uses 32-bit capabilities (legacy support in use)
[  520.987343][ T9358] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[  521.166502][ T9358] REISERFS (device loop0): using ordered data mode
[  521.173053][ T9358] reiserfs: using flush barriers
[  521.328373][ T9358] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  521.765880][ T9386] wlan0 speed is unknown, defaulting to 1000
[  522.905694][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  522.915767][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  522.931979][ T9358] REISERFS (device loop0): checking transaction log (loop0)
[  523.186918][ T9358] REISERFS (device loop0): Using r5 hash to sort names
[  523.487450][ T9358] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  523.816451][ T9358] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  529.472417][ T9443] netlink: 'syz.4.1269': attribute type 3 has an invalid length.
[  529.480302][ T9443] netlink: 'syz.4.1269': attribute type 1 has an invalid length.
[  532.227141][   T26] audit: type=1326 audit(1771943995.900:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.6.1273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feec8709629 code=0x7ffc0000
[  532.357515][ T9470] loop0: detected capacity change from 0 to 512
[  532.377766][   T26] audit: type=1326 audit(1771943995.900:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.6.1273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feec8709629 code=0x7ffc0000
[  532.447333][   T26] audit: type=1326 audit(1771943995.909:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.6.1273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7feec8709629 code=0x7ffc0000
[  532.469741][   T26] audit: type=1326 audit(1771943995.909:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.6.1273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feec8709629 code=0x7ffc0000
[  532.702344][   T26] audit: type=1326 audit(1771943995.909:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.6.1273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feec8709629 code=0x7ffc0000
[  533.183636][   T26] audit: type=1326 audit(1771943995.909:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.6.1273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7feec8709629 code=0x7ffc0000
[  533.216093][   T26] audit: type=1326 audit(1771943995.909:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.6.1273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feec8709629 code=0x7ffc0000
[  533.250475][ T9470] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000000006,barrier=0x000000000000008e,bsddf,errors=remount-ro,init_itable,max_dir_size_kb=0x0000000000000109,quota,. Quota mode: writeback.
[  533.297406][ T9470] ext4 filesystem being mounted at /261/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  533.713846][ T9493] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  534.280815][   T26] audit: type=1326 audit(1771943995.909:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.6.1273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feec8709629 code=0x7ffc0000
[  534.280854][   T26] audit: type=1326 audit(1771943995.909:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.6.1273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7feec8709629 code=0x7ffc0000
[  534.280883][   T26] audit: type=1326 audit(1771943995.909:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9453 comm="syz.6.1273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feec8709629 code=0x7ffc0000
[  539.674903][ T9554] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  539.691019][ T9554] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  539.699150][ T9554] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  539.824574][ T5089] bond1: (slave bridge1): link status up again after 0 ms
[  540.063147][ T5089] net_ratelimit: 99 callbacks suppressed
[  540.063164][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  540.464464][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  542.473430][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  542.599472][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  542.645289][ T9595] binfmt_misc: register: failed to install interpreter file ./file0
[  542.723229][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  543.206749][ T9597] device gretap0 entered promiscuous mode
[  543.367773][  T424] bond1: (slave bridge1): failed to get link speed/duplex
[  543.485374][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  543.611592][ T9601] tipc: Started in network mode
[  543.720703][ T9601] tipc: Node identity 080211000001, cluster identity 4711
[  543.728036][ T9601] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  544.105886][ T9607] cgroup: Unknown subsys name 'rootcontext'
[  544.895589][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  544.927286][ T4189] tipc: Node number set to 134418688
[  544.935927][ T9592] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1310'.
[  545.080498][  T424] bond1: (slave bridge1): failed to get link speed/duplex
[  545.150700][ T9620] netlink: 34 bytes leftover after parsing attributes in process `syz.5.1319'.
[  545.552176][ T9626] 8021q: VLANs not supported on ip6tnl0
[  546.172171][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  546.329848][  T424] bond1: (slave bridge1): failed to get link speed/duplex
[  546.483616][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  547.071287][ T4336] bond1: (slave bridge1): failed to get link speed/duplex
[  547.262157][ T9646] No such timeout policy "syz1"
[  548.640857][ T4336] bond1: (slave bridge1): failed to get link speed/duplex
[  550.794818][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  551.011539][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  551.242383][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  551.594168][ T4336] bond1: (slave bridge1): failed to get link speed/duplex
[  552.154640][ T9681] loop0: detected capacity change from 0 to 8
[  552.252357][ T4336] bond1: (slave bridge1): failed to get link speed/duplex
[  552.700029][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  553.801860][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  555.833492][ T9681] SQUASHFS error: Failed to read block 0xe000000000001ea: -5
[  555.873587][ T9681] unable to read xattr id index table
[  556.015123][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  556.437891][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  556.571143][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  556.723356][ T4336] bond1: (slave bridge1): failed to get link speed/duplex
[  556.980472][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  557.896790][ T9714] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  558.845496][  T424] bond1: (slave bridge1): failed to get link speed/duplex
[  558.991241][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  559.143060][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  559.628712][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  559.800335][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  559.948805][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  560.541180][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  561.015423][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  561.231867][  T154] bond1: (slave bridge1): failed to get link speed/duplex
[  562.438665][  T154] net_ratelimit: 2 callbacks suppressed
[  562.438725][  T154] bond1: (slave bridge1): failed to get link speed/duplex
[  563.297499][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  563.335709][ T9765] delete_channel: no stack
[  563.341328][ T9765] delete_channel: no stack
[  563.541308][ T9772] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  563.692005][  T154] bond1: (slave bridge1): failed to get link speed/duplex
[  564.157269][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  564.236687][ T9779] loop0: detected capacity change from 0 to 512
[  564.332674][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  564.349369][ T9779] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[  564.396362][ T9779] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[  564.519595][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  565.197534][ T9779] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,jqfmt=vfsv0,,errors=continue. Quota mode: writeback.
[  565.213854][  T424] bond1: (slave bridge1): failed to get link speed/duplex
[  565.231318][ T9779] ext4 filesystem being mounted at /276/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  566.557841][ T4336] bond1: (slave bridge1): failed to get link speed/duplex
[  567.306583][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  567.840812][ T4336] bond1: (slave bridge1): failed to get link speed/duplex
[  568.009875][ T4336] bond1: (slave bridge1): failed to get link speed/duplex
[  568.321413][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  568.490976][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  568.587671][ T9821] loop0: detected capacity change from 0 to 1024
[  568.671355][ T9817] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1369'.
[  568.708232][ T9817] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  569.786980][ T9817] batman_adv: batadv0: Removing interface: batadv_slave_1
[  569.966003][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  572.155589][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  572.308355][    T9] bond1: (slave bridge1): failed to get link speed/duplex
[  574.008203][  T424] bond1: (slave bridge1): failed to get link speed/duplex
[  574.639021][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  575.643717][ T4340] bond1: (slave bridge1): failed to get link speed/duplex
[  576.111900][ T9874] fuse: Unknown parameter '0x0000000000000003'
[  576.212087][ T9884] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1386'.
[  576.249089][ T4419] bond1: (slave bridge1): failed to get link speed/duplex
[  576.262064][   T26] kauditd_printk_skb: 10 callbacks suppressed
[  576.262080][   T26] audit: type=1326 audit(1771944037.665:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9870 comm="syz.4.1384" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f99e1b40629 code=0x0
[  576.932043][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  576.962776][ T9884] netlink: 'syz.0.1386': attribute type 11 has an invalid length.
[  577.101464][ T4340] bond1: (slave bridge1): failed to get link speed/duplex
[  577.106262][ T9886] loop0: detected capacity change from 0 to 128
[  577.390368][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  578.129185][ T9886] VFS: Found a Xenix FS (block size = 512) on device loop0
[  578.147815][ T9909] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1392'.
[  578.348369][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  580.468801][ T4184] sysv_free_block: trying to free block not in datazone
[  580.881463][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  581.373442][   T26] audit: type=1326 audit(1771944042.426:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9931 comm="syz.5.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  582.408040][  T424] bond1: (slave bridge1): failed to get link speed/duplex
[  582.435335][ T4184] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  583.410323][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  583.464921][   T26] audit: type=1326 audit(1771944042.426:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9931 comm="syz.5.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  583.489610][   T26] audit: type=1326 audit(1771944042.426:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9931 comm="syz.5.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  583.512384][   T26] audit: type=1326 audit(1771944042.426:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9931 comm="syz.5.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  583.660837][   T26] audit: type=1326 audit(1771944042.426:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9931 comm="syz.5.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  583.683566][   T26] audit: type=1326 audit(1771944042.426:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9931 comm="syz.5.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  583.791423][ T9944] loop6: detected capacity change from 0 to 512
[  583.841423][ T5089] bond1: (slave bridge1): failed to get link speed/duplex
[  583.843427][   T26] audit: type=1326 audit(1771944042.426:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9931 comm="syz.5.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  583.870900][   T26] audit: type=1326 audit(1771944042.426:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9931 comm="syz.5.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  583.893586][   T26] audit: type=1326 audit(1771944042.436:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9931 comm="syz.5.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  583.924405][   T26] audit: type=1326 audit(1771944042.436:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9931 comm="syz.5.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  584.055619][   T26] audit: type=1326 audit(1771944042.436:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9931 comm="syz.5.1399" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff94d09b629 code=0x7ffc0000
[  584.677140][ T4340] bond1: (slave bridge1): failed to get link speed/duplex
[  585.192730][    T9] bond1: (slave bridge1): failed to get link speed/duplex
[  585.753685][ T9944] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  585.765063][ T9944] ext4 filesystem being mounted at /145/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  586.021085][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  586.847401][ T4300] bond1: (slave bridge1): failed to get link speed/duplex
[  587.962526][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  588.298959][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  588.305303][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  589.018167][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  589.337719][T10003] netlink: 'syz.1.1413': attribute type 10 has an invalid length.
[  589.348281][T10003] team0: Port device dummy0 added
[  589.887110][ T4419] bond1: (slave bridge1): failed to get link speed/duplex
[  589.935367][ T9999] loop0: detected capacity change from 0 to 128
[  590.121797][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  590.283785][ T9999] qnx6: wrong signature (magic) in superblock #1.
[  590.756304][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  590.787764][ T9994] xt_CT: No such helper "snmp_trap"
[  590.909224][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  591.127666][    T9] bond1: (slave bridge1): failed to get link speed/duplex
[  591.261975][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  591.391793][ T4340] bond1: (slave bridge1): failed to get link speed/duplex
[  591.734962][T10035] device bridge_slave_1 left promiscuous mode
[  591.755052][T10035] bridge0: port 2(bridge_slave_1) entered disabled state
[  591.880928][T10035] device bridge_slave_0 left promiscuous mode
[  591.920463][T10035] bridge0: port 1(bridge_slave_0) entered disabled state
[  592.270665][ T4300] net_ratelimit: 3 callbacks suppressed
[  592.270684][ T4300] bond1: (slave bridge1): failed to get link speed/duplex
[  592.681800][T10047] loop0: detected capacity change from 0 to 16
[  592.711899][ T4300] bond1: (slave bridge1): failed to get link speed/duplex
[  593.702948][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  593.736739][T10047] erofs: (device loop0): mounted with root inode @ nid 36.
[  594.394204][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  594.702301][T10053] loop6: detected capacity change from 0 to 1024
[  594.864513][ T4419] bond1: (slave bridge1): failed to get link speed/duplex
[  595.338063][    T9] bond1: (slave bridge1): failed to get link speed/duplex
[  595.531589][    T9] bond1: (slave bridge1): failed to get link speed/duplex
[  596.009442][T10053] hfsplus: unable to parse mount options
[  596.134497][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  596.267121][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  596.404908][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  596.872365][T10075] loop6: detected capacity change from 0 to 512
[  596.921858][T10075] EXT4-fs (loop6): Ignoring removed orlov option
[  596.942417][T10075] EXT4-fs (loop6): Test dummy encryption mode enabled
[  596.969213][T10075] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  597.022200][T10075] EXT4-fs (loop6): 1 truncate cleaned up
[  597.034562][T10075] EXT4-fs (loop6): mounted filesystem without journal. Opts: quota,quota,barrier=0x0000000000000003,orlov,test_dummy_encryption=v1,jqfmt=vfsv1,,errors=continue. Quota mode: writeback.
[  598.047359][ T4340] net_ratelimit: 8 callbacks suppressed
[  598.047466][ T4340] bond1: (slave bridge1): failed to get link speed/duplex
[  598.126332][T10072] orangefs_mount: mount request failed with -4
[  598.331779][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  598.654066][ T4340] bond1: (slave bridge1): failed to get link speed/duplex
[  598.916255][ T4419] bond1: (slave bridge1): failed to get link speed/duplex
[  599.012291][   T26] kauditd_printk_skb: 12 callbacks suppressed
[  599.012305][   T26] audit: type=1326 audit(2000000001.057:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10085 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3fa1a629 code=0x7ffc0000
[  599.057599][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  599.151272][   T26] audit: type=1326 audit(2000000001.057:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10085 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3fa1a629 code=0x7ffc0000
[  599.177626][ T4300] bond1: (slave bridge1): failed to get link speed/duplex
[  599.288199][   T26] audit: type=1326 audit(2000000001.057:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10085 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3fa1a629 code=0x7ffc0000
[  599.311248][   T26] audit: type=1326 audit(2000000001.057:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10085 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3fa1a629 code=0x7ffc0000
[  599.344569][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  600.454235][   T26] audit: type=1326 audit(2000000001.057:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10085 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3fa1a629 code=0x7ffc0000
[  600.489766][ T4300] bond1: (slave bridge1): failed to get link speed/duplex
[  600.619155][   T26] audit: type=1326 audit(2000000001.057:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10085 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3fa1a629 code=0x7ffc0000
[  600.787093][   T26] audit: type=1326 audit(2000000001.057:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10085 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7fac3fa1a629 code=0x7ffc0000
[  600.940034][   T26] audit: type=1326 audit(2000000001.057:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10085 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3fa1a629 code=0x7ffc0000
[  600.984448][   T26] audit: type=1326 audit(2000000001.057:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10085 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3fa1a629 code=0x7ffc0000
[  600.988844][ T4300] bond1: (slave bridge1): failed to get link speed/duplex
[  601.062363][   T26] audit: type=1326 audit(2000000001.057:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10085 comm="syz.1.1435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac3fa1a629 code=0x7ffc0000
[  601.258238][ T4419] bond1: (slave bridge1): failed to get link speed/duplex
[  603.809957][T10135] delete_channel: no stack
[  603.815206][T10135] delete_channel: no stack
[  603.834192][ T4340] net_ratelimit: 10 callbacks suppressed
[  603.834210][ T4340] bond1: (slave bridge1): failed to get link speed/duplex
[  603.921565][T10140] loop0: detected capacity change from 0 to 16
[  604.092553][T10147] netlink: 209844 bytes leftover after parsing attributes in process `syz.6.1457'.
[  605.648019][T10140] erofs: (device loop0): erofs_read_inode: unsupported datalayout 6 of nid 36
[  605.664124][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  607.096726][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1448'.
[  607.105827][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1448'.
[  607.114812][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1448'.
[  607.123903][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1448'.
[  607.132906][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1448'.
[  607.141910][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1448'.
[  607.150967][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1448'.
[  607.159981][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1448'.
[  607.169034][T10149] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1448'.
[  608.599171][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  610.139160][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  610.467066][ T4340] bond1: (slave bridge1): failed to get link speed/duplex
[  610.753506][ T4300] bond1: (slave bridge1): failed to get link speed/duplex
[  610.998983][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  611.388396][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  611.616757][ T4419] bond1: (slave bridge1): failed to get link speed/duplex
[  611.875209][ T4419] bond1: (slave bridge1): failed to get link speed/duplex
[  612.003767][ T4419] bond1: (slave bridge1): failed to get link speed/duplex
[  612.119170][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  612.248527][ T4300] bond1: (slave bridge1): failed to get link speed/duplex
[  613.051704][T10202] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  613.345252][T10214] loop6: detected capacity change from 0 to 1024
[  613.432436][T10215] autofs4:pid:10215:autofs_fill_super: called with bogus options
[  613.713091][T10214] hfsplus: failed to load root directory
[  614.406826][   T26] kauditd_printk_skb: 59 callbacks suppressed
[  614.406841][   T26] audit: type=1107 audit(2000000015.798:203): pid=10213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  615.497294][ T4317] net_ratelimit: 23 callbacks suppressed
[  615.497319][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  615.689717][   T26] audit: type=1326 audit(2000000016.406:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10222 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  615.724917][   T26] audit: type=1326 audit(2000000016.416:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10222 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  615.748344][   T26] audit: type=1326 audit(2000000016.416:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10222 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  615.770806][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  616.240789][   T26] audit: type=1326 audit(2000000016.416:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10222 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  616.264546][   T26] audit: type=1326 audit(2000000016.416:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10222 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  616.337490][   T26] audit: type=1326 audit(2000000016.416:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10222 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  616.360193][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  616.371011][   T26] audit: type=1326 audit(2000000016.416:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10222 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=311 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  616.418500][T10239] __nla_validate_parse: 75 callbacks suppressed
[  616.418517][T10239] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1473'.
[  616.526470][T10240] device wg1 left promiscuous mode
[  616.559808][T10240] tipc: Resetting bearer <eth:syzkaller0>
[  616.571157][   T26] audit: type=1326 audit(2000000016.416:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10222 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  616.693772][T10240] batman_adv: batadv0: Interface deactivated: gretap1
[  617.250648][    T9] bond1: (slave bridge1): failed to get link speed/duplex
[  617.311263][   T26] audit: type=1326 audit(2000000016.416:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10222 comm="syz.0.1468" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c20e78629 code=0x7ffc0000
[  617.379013][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  617.517960][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  617.678201][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  617.818665][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  618.559902][ T4315] bond1: (slave bridge1): failed to get link speed/duplex
[  618.625232][T10272] loop0: detected capacity change from 0 to 128
[  618.915382][ T4419] bond1: (slave bridge1): failed to get link speed/duplex
[  619.789137][T10267] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1479'.
[  620.100965][T10272] EXT4-fs (loop0): mounted filesystem without journal. Opts: usrquota,nodelalloc,,errors=continue. Quota mode: writeback.
[  620.612170][T10272] ext4 filesystem being mounted at /292/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  621.253615][    T9] net_ratelimit: 4 callbacks suppressed
[  621.253635][    T9] bond1: (slave bridge1): failed to get link speed/duplex
[  621.675215][ T4317] bond1: (slave bridge1): failed to get link speed/duplex
[  621.731020][T10310] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1486'.
[  621.889081][ T4400] bond1: (slave bridge1): failed to get link speed/duplex
[  627.877099][T10310] bridge0: port 2(bridge_slave_1) entered disabled state
[  627.884460][T10310] bridge0: port 1(bridge_slave_0) entered disabled state
[  742.330534][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  742.337522][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P4317/1:b..l
[  742.346118][    C1] 	(detected by 1, t=10502 jiffies, g=26249, q=26)
[  742.352622][    C1] task:kworker/u4:8    state:R  running task     stack:21264 pid: 4317 ppid:     2 flags:0x00004000
[  742.365063][    C1] Workqueue: bat_events batadv_nc_worker
[  742.370730][    C1] Call Trace:
[  742.374017][    C1]  <TASK>
[  742.376965][    C1]  __schedule+0x11ef/0x43c0
[  742.381505][    C1]  ? release_firmware_map_entry+0x190/0x190
[  742.387507][    C1]  ? preempt_schedule_irq+0xb0/0x160
[  742.392796][    C1]  preempt_schedule_irq+0xbb/0x160
[  742.397911][    C1]  ? __cond_resched+0xd0/0xd0
[  742.402769][    C1]  ? rcu_irq_exit_check_preempt+0xdb/0x200
[  742.408573][    C1]  irqentry_exit+0x63/0x70
[  742.412987][    C1]  asm_sysvec_reschedule_ipi+0x16/0x20
[  742.418446][    C1] RIP: 0010:lock_acquire+0x208/0x400
[  742.423729][    C1] Code: f7 84 24 80 00 00 00 00 02 00 00 43 c6 44 3d 04 f8 0f 85 f1 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 44 3d 00 00 00 00 00 43 c7 44 3d 08 00 00 00 00 65 48 8b 04
[  742.443337][    C1] RSP: 0018:ffffc9000323fa40 EFLAGS: 00000206
[  742.449410][    C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 8c695782967db700
[  742.457377][    C1] RDX: 0000000000000000 RSI: ffffffff8a2b3a20 RDI: ffffffff8a79f800
[  742.465345][    C1] RBP: ffffc9000323fb58 R08: dffffc0000000000 R09: 1ffffffff203a618
[  742.473312][    C1] R10: dffffc0000000000 R11: fffffbfff203a619 R12: ffffffff8c31eaa0
[  742.481284][    C1] R13: 1ffff92000647f54 R14: 0000000000000246 R15: dffffc0000000000
[  742.489278][    C1]  ? rcu_lock_release+0x5/0x20
[  742.494043][    C1]  ? read_lock_is_recursive+0x10/0x10
[  742.499416][    C1]  ? __lock_acquire+0x7d10/0x7d10
[  742.504444][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[  742.509645][    C1]  ? batadv_nc_fwd_flush+0x330/0x330
[  742.514931][    C1]  rcu_lock_acquire+0x2a/0x30
[  742.519605][    C1]  ? rcu_lock_acquire+0x5/0x30
[  742.524366][    C1]  batadv_nc_process_nc_paths+0xb2/0x350
[  742.530004][    C1]  batadv_nc_worker+0x4e4/0x5c0
[  742.534860][    C1]  process_one_work+0x85f/0x1010
[  742.539812][    C1]  ? worker_detach_from_pool+0x240/0x240
[  742.545441][    C1]  ? lockdep_hardirqs_off+0x70/0x100
[  742.550726][    C1]  ? _raw_spin_lock_irq+0xb7/0xf0
[  742.555746][    C1]  ? _raw_spin_lock_irqsave+0x100/0x100
[  742.561291][    C1]  ? wq_worker_running+0x97/0x170
[  742.566314][    C1]  worker_thread+0xaa6/0x1290
[  742.571000][    C1]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  742.576901][    C1]  kthread+0x436/0x520
[  742.580967][    C1]  ? rcu_lock_release+0x20/0x20
[  742.585815][    C1]  ? kthread_blkcg+0xd0/0xd0
[  742.590404][    C1]  ret_from_fork+0x1f/0x30
[  742.594835][    C1]  </TASK>
[  742.597848][    C1] rcu: rcu_preempt kthread starved for 10437 jiffies! g26249 f0x0 RCU_GP_DOING_FQS(6) ->state=0x0 ->cpu=1
[  742.609120][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  742.619081][    C1] rcu: RCU grace-period kthread stack dump:
[  742.624960][    C1] task:rcu_preempt     state:R  running task     stack:27800 pid:   15 ppid:     2 flags:0x00004000
[  742.635735][    C1] Call Trace:
[  742.639007][    C1]  <TASK>
[  742.641938][    C1]  __schedule+0x11ef/0x43c0
[  742.646445][    C1]  ? lockdep_hardirqs_off+0x70/0x100
[  742.651734][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  742.656939][    C1]  ? release_firmware_map_entry+0x190/0x190
[  742.662829][    C1]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  742.668808][    C1]  ? lock_chain_count+0x20/0x20
[  742.673655][    C1]  ? preempt_schedule+0xbc/0xd0
[  742.678506][    C1]  preempt_schedule_common+0x82/0xd0
[  742.683787][    C1]  preempt_schedule+0xbc/0xd0
[  742.688462][    C1]  ? schedule_preempt_disabled+0x20/0x20
[  742.694092][    C1]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  742.699727][    C1]  preempt_schedule_thunk+0x16/0x18
[  742.704930][    C1]  _raw_spin_unlock_irqrestore+0x10d/0x120
[  742.710745][    C1]  ? _raw_spin_unlock+0x40/0x40
[  742.715602][    C1]  ? finish_swait+0xc0/0x1d0
[  742.720190][    C1]  rcu_gp_fqs_loop+0x6e5/0x11d0
[  742.725048][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  742.730264][    C1]  ? dyntick_save_progress_counter+0x230/0x230
[  742.736414][    C1]  ? rcu_gp_init+0x10f0/0x10f0
[  742.741176][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[  742.746373][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  742.751572][    C1]  rcu_gp_kthread+0x9b/0x370
[  742.756162][    C1]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  742.762062][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  742.767170][    C1]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  742.773070][    C1]  ? __kthread_parkme+0x157/0x1b0
[  742.778094][    C1]  kthread+0x436/0x520
[  742.782159][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  742.787314][    C1]  ? kthread_blkcg+0xd0/0xd0
[  742.791922][    C1]  ret_from_fork+0x1f/0x30
[  742.796367][    C1]  </TASK>
[  742.799389][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  742.805712][    C1] NMI backtrace for cpu 1
[  742.810081][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted syzkaller #0
[  742.817104][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  742.827169][    C1] Call Trace:
[  742.830468][    C1]  <IRQ>
[  742.833317][    C1]  dump_stack_lvl+0x188/0x250
[  742.838173][    C1]  ? show_regs_print_info+0x20/0x20
[  742.843386][    C1]  ? load_image+0x400/0x400
[  742.847897][    C1]  ? irq_work_queue+0xbf/0x140
[  742.852673][    C1]  nmi_cpu_backtrace+0x3a2/0x3d0
[  742.857619][    C1]  ? nmi_trigger_cpumask_backtrace+0x280/0x280
[  742.863773][    C1]  ? _printk+0xda/0x130
[  742.867934][    C1]  ? cpu_online+0x1d/0x30
[  742.872262][    C1]  ? load_image+0x400/0x400
[  742.876772][    C1]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  742.882847][    C1]  nmi_trigger_cpumask_backtrace+0x163/0x280
[  742.888829][    C1]  rcu_check_gp_kthread_starvation+0x1cd/0x250
[  742.894988][    C1]  print_other_cpu_stall+0x1110/0x1270
[  742.900461][    C1]  ? print_cpu_stall+0x5f0/0x5f0
[  742.905396][    C1]  ? timekeeping_advance+0x7f6/0xac0
[  742.910693][    C1]  rcu_sched_clock_irq+0x843/0x1120
[  742.915892][    C1]  ? rcutree_dead_cpu+0x20/0x20
[  742.920746][    C1]  ? account_process_tick+0x22a/0x3a0
[  742.926120][    C1]  update_process_times+0x193/0x200
[  742.931320][    C1]  tick_sched_timer+0x37d/0x560
[  742.936182][    C1]  ? tick_setup_sched_timer+0x2c0/0x2c0
[  742.941726][    C1]  __hrtimer_run_queues+0x4ad/0xb70
[  742.946947][    C1]  ? hrtimer_interrupt+0x8d0/0x8d0
[  742.952065][    C1]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  742.958140][    C1]  hrtimer_interrupt+0x3bb/0x8d0
[  742.963097][    C1]  __sysvec_apic_timer_interrupt+0x137/0x4a0
[  742.969076][    C1]  sysvec_apic_timer_interrupt+0x9b/0xc0
[  742.974714][    C1]  </IRQ>
[  742.977640][    C1]  <TASK>
[  742.980566][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  742.986570][    C1] RIP: 0010:default_idle+0xb/0x10
[  742.991759][    C1] Code: b7 48 89 df e8 16 b5 f8 f7 eb ad e8 4f af f6 ff 00 00 cc cc 00 00 cc cc 00 00 cc cc 00 00 cc 66 90 0f 00 2d 77 56 60 00 fb f4 <c3> 0f 1f 40 00 41 57 41 56 53 49 be 00 00 00 00 00 fc ff df 65 48
[  743.011373][    C1] RSP: 0018:ffffc90000d67d48 EFLAGS: 000002c2
[  743.017452][    C1] RAX: 413f85aa49930b00 RBX: ffff888016e98000 RCX: 413f85aa49930b00
[  743.025425][    C1] RDX: 0000000000000001 RSI: ffffffff8a2b2780 RDI: ffffffff8a79f800
[  743.033395][    C1] RBP: ffffc90000d67e80 R08: ffff8880b913b30b R09: 1ffff11017227661
[  743.041369][    C1] R10: dffffc0000000000 R11: ffffed1017227662 R12: 1ffff11002dd3000
[  743.049344][    C1] R13: dffffc0000000000 R14: 0000000000000001 R15: 1ffff920001acfb4
[  743.057382][    C1]  default_idle_call+0x81/0xc0
[  743.062259][    C1]  do_idle+0x21f/0x580
[  743.066338][    C1]  ? idle_inject_timer_fn+0x60/0x60
[  743.071536][    C1]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  743.077625][    C1]  ? schedule_idle+0x57/0x90
[  743.082216][    C1]  cpu_startup_entry+0x14/0x20
[  743.086978][    C1]  start_secondary+0x330/0x430
[  743.091748][    C1]  ? arch_scale_freq_tick+0x120/0x120
[  743.097125][    C1]  secondary_startup_64_no_verify+0xb1/0xbb
[  743.103030][    C1]  </TASK>