last executing test programs:

4m55.440966437s ago: executing program 3 (id=202):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff1100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001011404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x702, 0xe, 0x700, &(0x7f0000000540)="e460334470b8d480eb00c15286dd", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

4m54.547242809s ago: executing program 3 (id=206):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r3, 0x1, 0xa, &(0x7f00000001c0), 0x4)

4m53.628691142s ago: executing program 3 (id=216):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x80)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r1, r3, 0x16, 0x0, @void}, 0x10)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@ccm_128={{0x303}, "32bed0613773c26f", "59be70b0141cba8835b9301f68af0b15", "13921848", "c9f7048e21bb5f9a"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@ccm_128={{0x303}, "edf9cf3025afd883", "96f9818e689ded0e0289075c2745e0df", "f79f22f4", "7bab0316c790dae4"}, 0x28)

4m53.593635164s ago: executing program 3 (id=217):
syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x201000a, &(0x7f0000000300)=ANY=[], 0x1, 0x236, &(0x7f0000000000)="$eJzs3TFrE2EYB/DHNm1DFjuLw4GLU1C/wSEVxAMhkkEnD6pLK8J1OZ3uY/gZ/Eh+jEzdTpIrTRujiyav6f1+EPInfw6ey5A3w/sm7x9+Ojv9fPGx/fEthsMsBhFNXEYcx17sR+fe1fPeIh/GTU0AALtmMinz1DOwWVWVlwcRcfRLM/2eZCAAAAAAAAAAAAD+mv3/ANA/9v/ffVWVl6Or72+32f8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAApHPZtvfbPzxSzwcA/HvWfwDoH+s/APSP9R8A+ufN23ev8qI4mWTZMGLW1O381VlTTyNGEfHiZXHyJFs4Xl41q+vp/iLN+6ddn93uD66vf7a2P4zHj7p+3j1/Xaz0R3G6jTcAAAAAAAAAAAAAAAAAAAAA/gPj7Nra8/3j8e/6Lt34fYCV8/uDeDDY2m0AAAAAAAAAAAAAAAAAAADATrv48vWsPD//UAmC0NMwWlOl/mQCAAAAAAAAAAAAAAAAAID+WR76TT0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKSz/P//zYXU9wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0w88AAAD//9vbk2A=")
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4008800)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x99501e, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000001a40)={0x2020}, 0x2020)

4m53.483342711s ago: executing program 3 (id=219):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002e00)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000008009500f10100000000487591731cba12c07d57d995b61e89a4530f92344f242b416ae9eeefc0e9c6f203cb1276bfdbb4ddffffff7f82dc2b938189a7ca02f732e4c2eab72bf40c0682fd0a0c4ac106b29e220dc2880072599456d4c4e6f3fe684ab8373bb4df9d72876ef3834293812e927c01c7da1322da44c7f2ed1084a12f56d1cb39df9858037458a4ca037604007600b6be484e4c9517af216bd8ed42f7dd01008e49f4a94608c9a20819e02fc22e6be45574d4ed88b37ab8d7674c644dca2f1b4d745fd95c41f9dfc1adafd1e5a3e7f2e898961cb43e438c4e41ae43ea118e14ffffffffe4b8a80366ce5401ec61921a1b529cc8b99bffffb1ac006c67767b03b95151aeb89e6d4a43c625aa228504e4afd8c1cc3eb215ba22f43115f4d39dc7beedb130d9f2be90133a4500000058b8c9370634060105baa664953514605fba3973aa021945b985a8a66e0200000057033815717b4fdbe55b37cb8d7f41aacfbd4089ea1bd22440f64909a09b5a759a703e71f358e11ac8e13db15d792e604a4f279b3bd6621bdf2c17bc0400001000000000ff8d81006200607a9a76e5d9656a7154c75773902a1bdf399df3925130312d095e9c1f973d091c198c1a11edb6b3cc425fe203d2f2655a76865c2c34e2470fcfb1248c0add5431a7fbcb0ef4f66a09af93a09fab1daae4b518d7a5d95a017864010067d6bab101446ebfe3fdeed7ee7bb0749cacf56cf27409c60fca2e0004000000000000a9cb6f4a78444986f9b1ab61f9dab53038010000004abbfc59d6d1b18fe380df4bf024f120bd755d82033f2fb7d8fc9e0de834f7646c8dd27da1297d0c77b294e097e293db7f002c0024ab2fb4d32972cba6f49051cec1ff5d16231bbb90a2d201a500000000000000007700b06fa191ebd3a0c2ef0058ffebd7cc4cf80f74a7cdac01d998c24f34a5ba9a4a2039d0416e3f8107671141ffffffe0c7d8e94a27a06a4e3d9acee835fd0571e5bbb3e6d2b5eba505000000968983811f832dc5390f83e817c602c4f1f0d0504255c22ee8674053d0e160e5255366139bbe5863e23c3dd42d21f542816edf56a93d0a7e6f08f9ffffff64875fea6ff57ba6ae25c5e8ca4f78d5a01308243b08f1caa46be5244d64f8e875857f083144c642f71cdc8e5634c1360c056430fe77ee7ed7ac1f9743786b2fb8e0fcfcc3d36c93230b7b1da97c971c8c84a427edc3492b97e73d2060acfd8145e4a5851bc4d6fdc5ad939d7795f3879baa88bd194d48e50c84892c97c800d156b059a718f6b10274b077a710f27ab8ee953de70ea860b74a0f3c3dc11177b11cc2e62a95f1ecf607a8dc38e525f415a1bd46b38845ebca04061bacbf627f7975fe599678fee48f83b5989543729e3600000000bc86cd51704f309130f534741377ea7b7bea3c46c0c4c4b7c27c5d057d95ac85a41cdcee8e6fa31f7d2137ed1fb4b21c13b9a2c5e3f7c9ef9e45a35adbf0b9312be929863f000000000000004a82bc080de1f87808d0711dd76f2977ca7f2684bfa5c14a0cd6f1f561e34e4e8e51e81d4a355a7d00d917c16a2bb0cfb2b5f59dfead7ac6e7fa84746e2e425769b9ee2c8ff10e934847604d930f62924d0562ce17f6dadf5053ed8f33092a41bb46e1878c5295fecc27f9c6d1f62da58c0002ea00000000009aa38a05e70591d5cdab1c488ef3c1984c7c0a566cfc2a080000009ec206a54fb49056a555414178ef00d8b8f3c59f01eb5d83415994efcc6ec4b3c275cd6b1b5ff82ef7d7abb1d218e7a1d0afa285706841aac9ccc89df41c39dd58dd70569dde45f8adeaad7d3328fbb6e279f745d2872f0208635e465ca443c3a64c7803760880af23fb3f430a0311fffc96dd13b951642f1433f65b4e170a62a5f7b7d0f9d5cef0d17289c43d4aee0001f7a343899434594cc23e1c864164e130754b337e560f285dc670a31241bf657babf0615b85dc200a10294b7d5885b43ac62fc7f97a85586168483427072a535f2c7481ec261c00f725de74e48d9a86f7d4a5d28da3f099ca3e6472b9d7c86d961f525f799b4517141f018af0673b8296f867eca1ec07be11bc497a6f7d2b752bcf77c2908b64630e7fa0c2261bc2d5de32ab6bbcf296d36807544aa7c3d3301fe227b713a371414c98695e559f9cbf6b046184064a5f24a4cc6f41f21fc24a3ad7d20a89e00a9dc99a40f890869d35fba3ce6f297661d3f8ba21c65badf55d1859581f9e7ef3e2693b46a8fc85be061ce79a08002c04dc04de8b6536123b24be2ef80eb06b2db900fb30596c1574b2a31f81d61ccfd58080d2330b9c7b87b5d17d48c32daffead3414b91603e250eeedc7d601000000037426f643797be3e93da96b5643d3feed0b7c885d06006b830d7cbf3152f27522f5142dcc84a9e48a07518f0142167abf5d6685d09945cbc778bcc3e7dcfaee5d9c1689a3bafc0d3b51b5a3bfd6007954c36d532960964183842601e5364ecb6ad9168040388c7640bfa2f88643de7eebf4da8d1c3e76daace5217761d933d06bbe9609fcf5971aa1e77c3123910e63daaadd8878ad468eabaf78a96012a4ada1a9cd217fb2a0da2d521454ea9e8fcd3b5badfd6f00003a73345b841d04a02bf441955b932c59608a555bc44873272812e0fb874618a0b56b4cf44990f60000000000000000000000b20000da0ca6797590ed13b0bccf71a39e05e877893646d185a77882f866785af6b0149e336c31fb177e3e85f4c60cd4de4ce6ea73a95f434328620fa493937386ad2e2a0d60eb815aa05c33e02c32276dab36d14c63af66a31409ab2a403ec3c7a4e07bd745efa2835a8c932f22aa6da40af9bcdf808b916bc8deb37d5b8c422b65c42d17e61751c561ce775a31b52703d398d52694cfbb7d2b3791b030093b321d9f16b2f06676cf94d75cbba6491ae0b5a16ce92320321314d8d2e88d1cd7e7b1216bdaecba309a38e107103e649d46958cc6ba2d660dd41b78d832beb7206ae01508377273ea96e40760410aeed1866971e04f578e9d856d01000000045aea928f5f669be0636dc3f34f90c34531735f271527412d1ae755a9243da523d713071f9370b509a34eeb46415b2f0d271a7072cbd17e293f20132e6c15756e92776c6a0d7c3a9f512ce17edf3f1ea190853bbf93e220a6ce968b79d504c057000e7d8f8249a8158e68a90bbea8bfab2bd3c067c28e185fe62ce7020f5282cf045b9c790984c6fb65fd3187bd8bfcbe663df6b7770000f58fbad41e6eee5c9595950c4172b9c925403b2f99bbf3cb1981bb0d14bded8eae35e08278020a1ec7f508628056fd3d408a02a1cf8594bcbb21a88f477673442804f714212d000045b9f563b5352fe460a30489b1b6a6d37daead86151492f7fd4b5c64007b68a1b04027eac124478a2ef7f59fe472795785de83578cb96334e0f7c1370dc397d3aa42d937b5718b7610cdcdfe104db7801ec74980b8b111a2748321f81512e4204eb2b024b9fc9e0f257f8c6037b93b2caa236d4354b32434d5a6b01e00000000ee2ea723ea2e1accb97a200609c77e0000000000000000d3a54ccd6e13a966801e9341260d6cbce5fe03999214462cbaa297448677ab659102d0f430fbeae119a7ef2e962d2829d4dd2201c4b30d491269594c88252fbd09aced90609851bd9e5c307e7e0d39e73579c1f3563eff1a6237d3699d61acdc8e36010d76093ddd237df1c4181b0a0c4543b4249e9ff2f5e8b5e0ba2048d542de40f643fda4036124b8feb2dd45d0fa52300518c8052cc09ad73f89734fce82cc627356aa2c651ed2644f34cfbc32e8b29cf29e895e43b473ddb9a43421b4b25f8bbce8e2d7cb8547d156d5972021ae4c9e30f85413276ddebde55999d2ec3c524632b74d703147ba09e0dcb26c4b89636d28428b67e955f53bfd0c9eeb7a9d17000000000096cd8ecf1c511eea07aefa1c5cae1841efa9329d80eafefe00000000000000009111274a44c722ff9f5151aa7cb99ea3e8b2c51eadbd2d0ba1a25b08cc3e67cd186c12ea62a55ff905388bb30d1a63d42593c9aea3a84f5a6fc470d8aaaafeccb373ca26c3685679e6a048af19fca3fc5315a33687"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x222}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe28, 0xfffffffffffffff5, &(0x7f0000000980)="b0ff04c66b0d698cb89e2fe086dd1f74ffff06000000fe80000000000000ac14140746647b7954c4c06b580febc28eb143d0f6c0bad62c67a04402ba4125c7024f63fdb0b6c8ee826b4dfe6042a2f057c66cad677d850ea9928bcfcb47e585e427746ed3b27c40060cbd030a6d675c9926af53cd3085b24f9b7a486775c4f284f8c5a572ca115bce90c0ee9d4e7a07f5f1518092cb1f156694036f6618a59196631e6303fd5307d1112601d3641c9492f7dc3503416836b14590c53b1fc1ac149b70cc1142d6bc57fc3a76839fa2f96878b520fedfb9f64d81584a2e85ab4f6ec718b02d78f2ebf04e6b3b94610a21616181629a03c3dc0bf05e0a71f887833b81db7a10bc53259cb80716f6804934a411d424c1db98d454be1adb2776fdbb92b299d3b80af6987a871b4549fdb4c8297ee31ad925c8b0fb1a9d2589b08ed52602cbc26b56df71201bc4ea8621c56f33d251c1d4589af2dcd78fbb4e34bde02cb3920a30cee9489ee72c3e19304c16c2110e1839712d484b80abe77786a7e2ba834874a4e16b93dd07297554a06c2ad2c906f8ebb1db8730df096709184728d48f0a806696bd0d4b12d0064b933d9675353dae77fe8419451f85da63be78b70ca2a84a77f572d9f289d4313e6f6039fe756ac13a5d08838315dff44cda433cc7bc6b77449f8c", 0x0, 0x2f, 0xe8034000, 0xf000, 0xfffffffffffffe2a, &(0x7f0000000000), &(0x7f00000000c0)="c6769e45b7c61302926682c7f9e9bb5ba2b3cdf023e8da0392a4cd62e2370f25ae5ba0dab896bcf5b774cd28bebbde39f796ae27d04582bb7c03e9fe830ea22c9fd03f6d2779515fdad3f5d0de07b7b70996102fdb67b1e77a34a5b7136a212fa2c0ea502588309dc3e42c55a6f93e6ba5e1b492f9db48f0fdd2f9fb937b3e8a63dcf9dd855837433998ba579da27559", 0x5dc}, 0x28)

4m52.992898979s ago: executing program 3 (id=222):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
socket$can_bcm(0x1d, 0x2, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]})
membarrier(0x10, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000640)={<r1=>0x0})
r2 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000080)={r1, 0x1, r2, 0x3, 0x80000})

4m52.925208483s ago: executing program 32 (id=222):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
socket$can_bcm(0x1d, 0x2, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]})
membarrier(0x10, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000640)={<r1=>0x0})
r2 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000080)={r1, 0x1, r2, 0x3, 0x80000})

4m48.169005909s ago: executing program 4 (id=268):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x6e22, 0x9, @empty, 0x6}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x5e22, 0x0, @empty}, 0x1c)
listen(r1, 0x5)
listen(r0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x1a, &(0x7f0000000080)=0x2, 0x4)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r2, &(0x7f0000000540)={0xa, 0x4e22, 0x7, @empty, 0x200}, 0x1c)
listen(r2, 0x0)

4m47.81886372s ago: executing program 4 (id=270):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}, 0x1, 0x0, 0x0, 0x400c000}, 0x0)
sendmsg$NL80211_CMD_JOIN_OCB(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x24, r3, 0x1, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_WIPHY_FREQ={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x448d0)
syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000400))
r5 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r5, 0x8914, &(0x7f0000000000)={'wlan1\x00'})

4m42.959937402s ago: executing program 4 (id=286):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
close(0x3)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmsg$inet6(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
pipe2$9p(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r3, &(0x7f0000000000)={0x7, 0x1b, 0x5}, 0xb6)
splice(r2, 0x0, r0, 0x0, 0x20000000000002, 0x2)

4m42.834287429s ago: executing program 4 (id=273):
syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x201000a, &(0x7f0000000300)=ANY=[], 0x1, 0x236, &(0x7f0000000000)="$eJzs3TFrE2EYB/DHNm1DFjuLw4GLU1C/wSEVxAMhkkEnD6pLK8J1OZ3uY/gZ/Eh+jEzdTpIrTRujiyav6f1+EPInfw6ey5A3w/sm7x9+Ojv9fPGx/fEthsMsBhFNXEYcx17sR+fe1fPeIh/GTU0AALtmMinz1DOwWVWVlwcRcfRLM/2eZCAAAAAAAAAAAAD+mv3/ANA/9v/ffVWVl6Or72+32f8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAApHPZtvfbPzxSzwcA/HvWfwDoH+s/APSP9R8A+ufN23ev8qI4mWTZMGLW1O381VlTTyNGEfHiZXHyJFs4Xl41q+vp/iLN+6ddn93uD66vf7a2P4zHj7p+3j1/Xaz0R3G6jTcAAAAAAAAAAAAAAAAAAAAA/gPj7Nra8/3j8e/6Lt34fYCV8/uDeDDY2m0AAAAAAAAAAAAAAAAAAADATrv48vWsPD//UAmC0NMwWlOl/mQCAAAAAAAAAAAAAAAAAID+WR76TT0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKSz/P//zYXU9wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0w88AAAD//9vbk2A=")
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4008800)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x99501e, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000001a40)={0x2020}, 0x2020)

4m42.762578043s ago: executing program 4 (id=275):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000840)=@newlink={0x44, 0x10, 0x403, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x22c20}, [@IFLA_VFINFO_LIST={0xc, 0x16, 0x0, 0x1, [{0x8, 0x1, 0x0, 0x1, [@IFLA_VF_VLAN_LIST={0x4}]}]}, @IFLA_IFALIASn={0x4}, @IFLA_IFNAME={0x14, 0x3, 'ip6gre0\x00'}]}, 0x44}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c0002800500010000000000080007"], 0x80}}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000020c0)='net/nf_conntrack\x00')
read$FUSE(r3, &(0x7f0000000000)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x8c}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x48}], {0x95, 0x0, 0x9}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xd9, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52)

4m40.76002674s ago: executing program 4 (id=289):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x6)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)

4m40.563890421s ago: executing program 33 (id=289):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x6)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)

8.309970107s ago: executing program 0 (id=1747):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0xa000200)
r3 = semget$private(0x0, 0x4000, 0x0)
semctl$IPC_RMID(r3, 0x0, 0x0)

6.69696906s ago: executing program 0 (id=1740):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="440000001000010027bd70010000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000021000008001b00000000001c001a80130002"], 0x44}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

6.659659353s ago: executing program 6 (id=1745):
openat(0xffffffffffffff9c, 0x0, 0x101142, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x1b, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}, 0xe}, 0x20)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r4, 0x8922, &(0x7f0000004800)={'veth0_vlan\x00', 0x133})

6.338337352s ago: executing program 2 (id=1749):
openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/tty/ldiscs\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xa000000}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

5.983631132s ago: executing program 5 (id=1750):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@cgroup=<r2=>r1, 0x6, 0x0, 0x50d6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={r3, r2, 0x15, 0x0, @val=@kprobe_multi=@addrs={0x1, 0x0, 0x0, 0x0, 0x5}}, 0x30)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@cgroup=<r7=>r6, 0x6, 0x0, 0x50d6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={r8, r7, 0x15, 0x0, @val=@kprobe_multi=@syms={0x0, 0x0, 0x0}}, 0x30)
getsockopt$inet6_buf(r4, 0x29, 0x30, 0x0, 0x0)

5.211333317s ago: executing program 6 (id=1752):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/96, 0x128000, 0x800}, 0x20)

5.183901579s ago: executing program 5 (id=1753):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r5=>0x0]}, &(0x7f0000000240)=0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r3, 0x84, 0x66, &(0x7f00000000c0)={r5, 0x140}, &(0x7f0000000100)=0x8)

4.571628724s ago: executing program 2 (id=1754):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0)
getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r5, 0x10681, 0x20000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x20044002)
r6 = socket(0x1, 0x803, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@ipv6_newaddr={0x48, 0x14, 0xf01, 0x0, 0x0, {0xa, 0x0, 0x4, 0x0, r8}, [@IFA_FLAGS={0x8, 0x8, 0x400}, @IFA_CACHEINFO={0x14, 0x6, {0x7, 0x100, 0x0, 0x4}}, @IFA_LOCAL={0x14, 0x2, @mcast2}]}, 0x48}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r2, @ANYBLOB="01"], 0x3c}}, 0x0)

3.799475659s ago: executing program 6 (id=1756):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0xa000200)
r3 = semget$private(0x0, 0x4000, 0x0)
semctl$IPC_RMID(r3, 0x0, 0x0)

3.42648706s ago: executing program 5 (id=1757):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x0, 0x3}, 0x10)
sendmsg$tipc(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc084}, 0x20000090)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f00000008c0)=[{0x6, 0x0, 0x0, 0x8}]})
socket$inet6(0x10, 0x3, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x4c80, 0x7000000)

3.08189604s ago: executing program 0 (id=1758):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200601, 0x0)
lseek(r0, 0x81, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
getsockname$packet(r4, &(0x7f0000000280)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="3c0000001000370400000000ffdbdf2500000000", @ANYRES32=r5, @ANYBLOB="83450500010000001c0012800b00010067656e65766500000c00028005000d0002000000a19ad46a1816"], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r6, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x50}, {0x6}]}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000440)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty}}}], 0x20}}, {{&(0x7f00000000c0)={0x2, 0x4e24, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000580)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x8}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @dev={0xac, 0x14, 0x14, 0x2e}, @local}}}], 0x38}}], 0x2, 0x4000084)
recvfrom$inet_nvme(r1, 0x0, 0x0, 0x40, 0x0, 0x0)

3.079101361s ago: executing program 2 (id=1759):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0xe22}, 0x1c)
listen(r0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e20, 0x3, @local, 0x1}, 0x1c)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b45602067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03adcac4b74ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1)

3.023674554s ago: executing program 2 (id=1760):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x37, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000ac0), 0x2000, 0x0)
ioctl$TIOCCBRK(r3, 0x5428)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=@dellink={0x28, 0x11, 0x1, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, 0x22920, 0x2300}, [@IFLA_GROUP={0x8, 0x1b, 0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x94}, 0xc040)

3.020179005s ago: executing program 1 (id=1761):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
accept(r0, 0x0, 0x0)
pipe2$9p(&(0x7f0000003380), 0x80800)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
dup(r1)
r2 = syz_io_uring_setup(0x462, &(0x7f0000000280)={0x0, 0x40000020, 0x10, 0x2, 0x34f}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x44, 0x1})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0x3d, 0x0, @fd, 0x0, 0x0, 0xffff, 0x0, 0x1})
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0)

2.994485896s ago: executing program 1 (id=1762):
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
pselect6(0x20000088, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x300}, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000480)={0x0, 0x0, <r2=>0x0}, &(0x7f00000000c0)=0x839352b8218490eb)
mount$bpf(0x0, 0x0, 0x0, 0x960040, &(0x7f0000000100)={[{@gid={'gid', 0x3d, r2}}]})
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, &(0x7f0000000100))

2.622482217s ago: executing program 6 (id=1763):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
readv(0xffffffffffffffff, 0x0, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r3 = syz_open_dev$vcsa(&(0x7f0000000000), 0xbf, 0x42)
preadv(r3, &(0x7f0000001300)=[{&(0x7f0000002080)=""/4101, 0x1005}], 0x1, 0x5, 0x6)

2.614772508s ago: executing program 0 (id=1764):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x26020480)
fchmod(0xffffffffffffffff, 0x6)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000000))

1.921971688s ago: executing program 5 (id=1765):
mlock2(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x22})
mlock(&(0x7f0000ffe000/0x1000)=nil, 0xffffffffdf001fff)

1.920651888s ago: executing program 2 (id=1766):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6}, 0x94)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x9, 0x12, r3, 0x9a903000)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000001380)={&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/4091, 0xffb, 0x0, 0x0}, &(0x7f0000000000)=0xe)

1.908615429s ago: executing program 1 (id=1767):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
close(0x3)
socketpair$unix(0x1, 0x1, 0x0, 0x0)

1.791232146s ago: executing program 1 (id=1768):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0300000004000000040000004a"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x10, 0xb, &(0x7f00000009c0)=@framed={{0x18, 0x2}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @func={0x85, 0x0, 0x1, 0x0, 0x2}, @func={0x85, 0x0, 0x1, 0x0, 0x1}, @exit]}, &(0x7f0000000040)='GPL\x00', 0x4, 0xaf, &(0x7f0000000a80)=""/175, 0x0, 0xa}, 0x94)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f00000000c0)={0x9, 0x4ce, 0x3, 0x9dff, 0xf, "800300eb00cbe600"})
write$binfmt_aout(r1, &(0x7f0000000180)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0xfffffff9, 0x7fff, 0x16, "0062ba7d82000000000000000000f7ffffff00"})
r2 = syz_open_pts(r1, 0x0)
r3 = dup3(r2, r1, 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0x17)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000080)=0xa)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={r0, 0x58, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r4, 0x89f0, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000100)={'syztnl2\x00', r5, 0x2f, 0xd, 0x7, 0xd, 0x20, @dev={0xfe, 0x80, '\x00', 0xf}, @private0, 0x700, 0x8, 0xa, 0x4}})

1.508960252s ago: executing program 6 (id=1769):
r0 = socket$inet6(0xa, 0x3, 0x3a)
syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000340)=ANY=[], 0x2, 0x638, &(0x7f0000000ac0)="$eJzs3c1rHOcdB/DvrGRZssFRGttxSyAihrRU1NYLSqte6pZSVAglpIeehS1j4bWTSkpRQmnUN3rtIX9AetCtp0IvhYIgPbe3XHUMFHrJST1tmdlZvVjydjdeeWXn8zEz8zzzzDzze347L7trxAb40lqazuhOiixNv7lZ1ne355u72/MPOuUk55M0ktH2IsXDpPgkuZX2lK+WK+vuiscd56PVxbc//Xz3s3ZttJ6q7Rvd9uvNVj1lKslIvRxUf7efuL9if4Rlwq53EgfDdi5J64ifXz1o6e7CE1+3wFlQtJ+b+1r1lT1ZXeYZr98HtJ+K7Wf2M21r2AEAAADAoI0fX/XCXvaymUvDCAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeVfXv/1e/+j++vyrFVIrO7/+PddqTXBxiqN2N9bbZTuO0AwEAAAAAAACA0/fqXvaymUudeqtII8lrVeVyNb+Y97KelazlRjaznI1sZC2zSSYPdTS2ubyxsTbbw55zJ+4512PAE08+ZgAAAAAAAAB4Dv0mSwf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGdBkYy0F9V0uVOeTGM0yXiSsXK7reRfnfKzbGfYAQAAAMBT8MJe9rKZS516q6g+81+tPveP5708zEZWs5FmVnKn+i6g/am/sbs939zdnn9QTsf7/f5/+gqj6jHt7x5OPvK1aouJ3M1qteZGbuedNHMnjWrP0rVOPCfH9esypuJ7tR4ju1Mvy5H/sV6evpEetpmsMnJuPyMzdWxlNl7snomjr85Wv0eaTWP/m5/Lp5DzC/WySC7++KnlvBd1Jl5NnYm5Q2ff1e6ZSL7+1z//7F7z4f17d9enz86Q+nC+1Wp1yo+eE/OHMvHyc5+Jw2aqTFzZry/lR/lppjOVt7KW1fwiy9nISqbyw6q0XJ/P5Xyye6ZuHam9Vc0nHh/JWP26tO8e/cX0WrXvpazmJ3knd7KSN6p/c5nNt7OQhSweeoWv9HDVN/q76q9/oy6UA/xD94E+ZWVeX6zz+mFy5J47WbUdXnOQpRQZ9L1x9Gt1oTzGb+vl2fBoJmYPZeKl7ufLn6rbynrz4f21e8vv9ni81+tleR39/kw9Jcrz5Svli1XVjp4dZdtLJ7bNVm2X99sax9qu7Lf9vyt1rH4Pd7ynuart5RPb5qu2a4faTnq/BcCZd+GbF8Ym/j3xz4mPJ343cW/izfEfnP/O+VfGcu4f5747OjPyeuOV4i/5OL86+PwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8cevvf3B/udlcWXuk0Gq1PnxM0xctjKSfvf7+t0EevfN7RAMczmAL4/1s3DobMfdT+G+r1RpIh1tdTtqBFVq1M5G6IRWGfGMCTt3NjQfv3lx//4NvrXYekQsLizOLC2/M37y72lyZac+HHCRwKg4e+sOOBAAAAAAAAAAAAOjV0/hzgmGPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHi2LU1ndCdFZmduzJT13e35Zjl1ygdbjiZpJCl+mRSfJLfSnjJ5qLvi+BF2qvlHq4tvf/r57mcHfY12tm+cvF8/tuopU0lG6uWg+rv9xP0V+yMsE3a9kzgYtv8FAAD//ywaEHk=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4e, 0x0, 0x0)

1.503457982s ago: executing program 0 (id=1770):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r3, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r3], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0xffffffffffffffdb, 0x3, {0x6, 0x2}}}}]}, 0x44}}, 0x800)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=@newtfilter={0x46c, 0x28, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {}, {0x9, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x43c, 0x2, [@TCA_CGROUP_ACT={0x30, 0x1, [@m_ct={0x2c, 0x11, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x2}}}}]}, @TCA_CGROUP_POLICE={0x408, 0x2, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1, 0xab, 0x7, 0x0, 0x6, 0x100, 0x7a, 0x8, 0xff, 0x0, 0x0, 0x47, 0x10000, 0x5, 0x2, 0xec, 0x5, 0x88b, 0x3, 0x8, 0xfffffff8, 0x7, 0xcefb, 0x1, 0xae42, 0x94, 0x9, 0x4dd8, 0xffffffff, 0x8, 0x20ce, 0x7, 0x9, 0x4, 0x3, 0x36222594, 0x6, 0x3, 0x9, 0x80, 0x7, 0x7ff, 0x9, 0x8, 0x9, 0x9c18, 0x5, 0x4, 0xffffffcf, 0x20000000, 0x0, 0x5, 0x7fffffff, 0x3, 0x1, 0x80, 0xffffffff, 0x5, 0x4, 0x5, 0x80, 0x2, 0xfff, 0x9, 0x100, 0x2, 0x1, 0x4ea4, 0x7, 0x8, 0x2, 0x5, 0x6, 0x4, 0x7, 0x9, 0x0, 0x1, 0x897, 0x3, 0xf555, 0x81, 0x3, 0xf, 0xfffffff9, 0xffffff7f, 0x3, 0x5e8, 0x8, 0x7e, 0xa1b4, 0x0, 0x3, 0x10000, 0x5, 0x8000, 0x1ff, 0x7, 0xa, 0x6, 0x6, 0x421, 0x5, 0x5, 0xff, 0x9, 0x0, 0x5, 0x9b8e, 0x0, 0xaf8c, 0x1e, 0x1, 0x9, 0x8b9, 0x7, 0x7, 0x2, 0x8, 0x7, 0xba8e, 0x5, 0x101, 0x6c6, 0x5, 0x9, 0x9, 0x7fffffff, 0x1a8e, 0x8, 0x3, 0x6, 0xa, 0x4, 0x8, 0xfff, 0xf, 0x1000, 0x2, 0x6, 0x101, 0x1, 0x7, 0x80, 0xe00, 0x80000001, 0x80000000, 0xf, 0x6, 0x2, 0xfff, 0x0, 0x7, 0xfffffe00, 0x8, 0x9ab2, 0x8, 0xfffffff8, 0x8000, 0x1e, 0x4, 0x6, 0xfffffffa, 0x8, 0xe, 0x800, 0x0, 0x8000, 0x3, 0x400, 0xfffff800, 0x1, 0x9, 0x10000, 0x101, 0xf, 0x8, 0x7fffffff, 0x7, 0x2, 0x4, 0x0, 0x2, 0x7, 0xfa, 0x2, 0x7, 0x9, 0x2f, 0x7, 0x5, 0x1, 0x590, 0x5, 0x10, 0x1, 0x4, 0x2, 0x3ff, 0x55, 0x5, 0xf, 0xa, 0x8, 0x6, 0x7fff, 0x0, 0x7, 0xffffffff, 0xfff, 0xfffffff7, 0x0, 0xb0, 0x81, 0x5152, 0x7fffffff, 0x7fffffff, 0x6, 0x9, 0x2, 0xfffffffd, 0x2, 0x7ff, 0x8, 0xba, 0x5, 0x1, 0x8000, 0xecf, 0x2, 0x4000000, 0x400, 0xc9db, 0x0, 0x3, 0x8ed, 0x34, 0x1, 0x81, 0x8, 0x7ff, 0x21a, 0x401, 0x0, 0xfffe000, 0x1, 0x9, 0xfff, 0x1, 0x1, 0x3, 0x10000, 0x800, 0x4, 0x7ffffffe, 0x7]}]}]}}]}, 0x46c}, 0x1, 0x0, 0x0, 0x810}, 0x40040c4)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x2, 0x8}}]}}]}, 0x48}}, 0x0)

1.463880094s ago: executing program 1 (id=1771):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = userfaultfd(0x801)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000180), 0xc06620, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x4e, &(0x7f0000000000)=0x1, 0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback={0x0, 0xa8aaaafffeaaaa1e}, 0x8000}, 0x1c)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22, 0x9, @empty, 0xfffffffe}, 0x1c)

1.03117162s ago: executing program 5 (id=1772):
r0 = socket(0x10, 0x80002, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="a4280400000000001400350076657468305f746f5f626f6e6400000008000a00", @ANYRES32=r6], 0x3c}, 0x1, 0x0, 0x0, 0x4008800}, 0x8000)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0)

1.03001555s ago: executing program 2 (id=1782):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/96, 0x128000, 0x800}, 0x20)

975.405873ms ago: executing program 0 (id=1773):
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xa, 0x400000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x8000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r3, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)

67.708255ms ago: executing program 6 (id=1774):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x4000)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
syz_mount_image$hfs(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="696f636861727365743d69736f383835392d31352c636f6465706167653d63703737352c0063f5bfec90c0575e51077ad31670644610d07fe6556d48fa2ba399def849276b27786a6583c1ea1b2272aab9f6febcf615e51830daf2cac20faf453604c70bb935ad6698f9ec48ce09f0f4681d3e4e495a87221e5cc2fd6546d0159177e315d8c9bf6cf60c811b2f"], 0x4, 0x345, &(0x7f0000006ac0)="$eJzs3U1r1EwAB/D/JNl292npk6ftQ8FjsdfS6kHxYpEigl/AgxRru4XSWMFWcBekW88i3gTBozfPol9BL+IXUBB6EE96KR6MzGRm89JJNrvddlv6/0G3yXReM5lkZstuQERn1rXFL68v7skfUQHgArgCOMAuAA/A/5iqPtzcXt8O6qtFGblAFepH6JTiQJyVzbotqUynUmi+3PMwmgyjoxGGYfi1Y6yfx1IXGhwhR7BlvDnAsB6d8toQjVVl6Fjr12+tqF1nixtvin3s4xHGBlkdIiIaPBHdHRx9lxjV83fHAWb0vCBz/z913OTO/uDqcSK07/9OtB8KeXz+VX+K13tqCSd73zGrRFte1nMijA+3mik6mQ4QnVaVO/r3elCfbakMnuCqlog2qV5XYRqi5NVWz1mnLWvTAkVtLzYiX5zK2npQv5BT/4muS3z/HS/sxS19LFEn8UF8EkvCx0ustud/XijkwVHHx8/0VFT/ufwcVSv9KFaqlfF64j9VyDnTA+/exK2s5R3XKlxZFxuZi8jO331Tz+c5SxMVPJ56qwFu1Lr5/NapVBPpVKZP2/u/rakms6lqa5WgPrtyPyh8K6VvXFugeCZuiWn8wFssJub/jow9g4MjU7SiCKlRLlRMfWYUtsdTMXP6MUUN4HtdjUxSrls72ubGN7P1FHdxGWNbjebGchDUH5Ta8NBF5G43zFCJQ8IjK6vERnQi6tNRhsjfiTioyo0KgL4V+icM7U320Gg6OOomV1RTL72Km9zcWDbD/3BFoNXO0PxpIT8ygAUAOsRcEXopfaedajjOsFTyX7K3VYj9nE9fp/reF7uJEFNUKo6L4VKDsdZD6TcfbywHvVyI6LTZajTNHGDq9oDrQgMh510iWv8l1itz6qojX/yC1UjYKfNEjvM5K6Bx9fpPuRVcO9vceeKI2eiw5qoBOJ8p0YEpcTebra/riZP4X8nu/5UhFvEZd/j+PxERERERERERERERERERERERERHRabPV8Lr6fEIvHydIl7h3Br94g4iIiIiIiIiIiIiIiIiIiIiIiIiIiIjocBLP/wVc9cSYoeibuKvH//xf/R3dvlvi+b/muRRE1LO/AQAA//8HNVvK")

44.914327ms ago: executing program 1 (id=1775):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x44, r5, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

0s ago: executing program 5 (id=1776):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}}, 0x20040084)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x49, &(0x7f0000000540)={&(0x7f00000008c0)=@newqdisc={0x8c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r4, {0xffff}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x4, [0xc, 0x5, 0x0, 0xf, 0x10, 0x2, 0x4, 0x2, 0xf, 0x6, 0x3, 0x7, 0x8, 0x4, 0x10, 0x4], 0x3, [0xb, 0x3, 0xad1e, 0x2002, 0x1, 0x4, 0x2, 0xd06, 0xff05, 0x2, 0xb, 0x3, 0x5, 0x6, 0xd, 0x100], [0xfff1, 0x5, 0xffff, 0xfff5, 0x4, 0x8, 0x1, 0x9, 0x5, 0x2, 0xc, 0x40, 0xfffc, 0x3, 0x1]}}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000480)=@newqdisc={0x24, 0x29, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r7, {0xffff}, {0xffff, 0xffff}, {0x2, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
r8 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$inet6_MCAST_JOIN_GROUP(r8, 0x29, 0x2a, &(0x7f0000000140)={0x1000, {{0xa, 0x4e22, 0x4, @loopback, 0x5}}}, 0x84)

kernel console output (not intermixed with test programs):

30d)
[   45.556650][ T4660] loop1: detected capacity change from 0 to 1024
[   45.558214][ T4660] EXT4-fs: Ignoring removed orlov option
[   45.937964][ T4660] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   45.960768][ T4669] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   45.975450][ T4669] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   45.978690][ T4669] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   45.984640][ T4321] EXT4-fs (loop1): unmounting filesystem.
[   45.988536][ T4669] device bridge_slave_0 left promiscuous mode
[   45.990010][ T4669] bridge0: port 1(bridge_slave_0) entered disabled state
[   46.035988][ T4669] device bridge_slave_1 left promiscuous mode
[   46.037189][ T4669] bridge0: port 2(bridge_slave_1) entered disabled state
[   46.064195][ T4669] bond0: (slave bond_slave_0): Releasing backup interface
[   46.097242][ T4669] bond0: (slave bond_slave_1): Releasing backup interface
[   46.143063][ T4669] team0: Failed to send options change via netlink (err -105)
[   46.144758][ T4669] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[   46.146526][ T4669] team0: Port device team_slave_0 removed
[   46.155957][ T4669] team0: Failed to send options change via netlink (err -105)
[   46.157224][ T4669] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[   46.158951][ T4669] team0: Port device team_slave_1 removed
[   46.160150][ T4669] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   46.161380][ T4669] batman_adv: batadv0: Removing interface: batadv_slave_0
[   46.163474][ T4669] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   46.164658][ T4669] batman_adv: batadv0: Removing interface: batadv_slave_1
[   46.169557][ T4676] team0: Failed to send options change via netlink (err -105)
[   46.170699][ T4676] team0: Mode changed to "activebackup"
[   46.171614][ T4678] netlink: 'syz.2.78': attribute type 11 has an invalid length.
[   46.297809][ T4693] netlink: 12 bytes leftover after parsing attributes in process `syz.1.81'.
[   46.330431][ T4695] netlink: 4 bytes leftover after parsing attributes in process `syz.1.83'.
[   47.177835][ T4708] netlink: 24 bytes leftover after parsing attributes in process `syz.3.87'.
[   48.851400][ T4730] netlink: 24 bytes leftover after parsing attributes in process `syz.4.91'.
[   48.964695][ T4734] fuse: Bad value for 'fd'
[   49.532189][ T4326] Bluetooth: hci0: command 0x0406 tx timeout
[   49.611624][ T4734] process 'syz.0.95' launched './file0' with NULL argv: empty string added
[   49.722342][ T4750] netlink: 24 bytes leftover after parsing attributes in process `syz.3.101'.
[   49.841295][ T4388] kernel write not supported for file [eventfd] (pid: 4388 comm: kworker/0:5)
[   49.955366][ T4762] loop2: detected capacity change from 0 to 256
[   49.988619][ T4762] FAT-fs (loop2): Directory bread(block 64) failed
[   49.989765][ T4762] FAT-fs (loop2): Directory bread(block 65) failed
[   49.990966][ T4762] FAT-fs (loop2): Directory bread(block 66) failed
[   49.992083][ T4762] FAT-fs (loop2): Directory bread(block 67) failed
[   49.993434][ T4762] FAT-fs (loop2): Directory bread(block 68) failed
[   49.994584][ T4762] FAT-fs (loop2): Directory bread(block 69) failed
[   49.995853][ T4762] FAT-fs (loop2): Directory bread(block 70) failed
[   49.997007][ T4762] FAT-fs (loop2): Directory bread(block 71) failed
[   49.998572][ T4762] FAT-fs (loop2): Directory bread(block 72) failed
[   49.999724][ T4762] FAT-fs (loop2): Directory bread(block 73) failed
[   50.829719][ T4764] netlink: 'syz.3.104': attribute type 1 has an invalid length.
[   50.903363][ T4764] bond1: (slave gretap1): making interface the new active one
[   50.905957][ T4764] bond1: (slave gretap1): Enslaving as an active interface with an up link
[   50.936712][ T4764] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[   51.045021][ T4773] netlink: 8 bytes leftover after parsing attributes in process `syz.0.108'.
[   51.065718][ T4778] loop1: detected capacity change from 0 to 2048
[   51.077463][ T4778] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   51.088968][ T4778] netlink: 182 bytes leftover after parsing attributes in process `syz.1.110'.
[   51.111621][ T4321] EXT4-fs (loop1): unmounting filesystem.
[   51.223922][ T4787] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   51.243767][ T4782] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   52.004518][ T4800] Set syz0 is full, maxelem 0 reached
[   52.158472][ T4809] loop2: detected capacity change from 0 to 1024
[   52.247236][ T4809] EXT4-fs: Ignoring removed i_version option
[   52.248182][ T4809] EXT4-fs: inline encryption not supported
[   52.250116][ T4809] EXT4-fs (loop2): Test dummy encryption mode enabled
[   52.256031][ T4809] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   52.388302][ T4332] EXT4-fs (loop2): unmounting filesystem.
[   52.792321][ T4843] 9pnet_fd: p9_fd_create_unix (4843): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[   53.218001][ T4862] netlink: 24 bytes leftover after parsing attributes in process `syz.1.136'.
[   53.652382][ T4866] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   53.653665][ T4866] IPv6: NLM_F_CREATE should be set when creating new route
[   53.668847][ T4403] bridge0: port 2(bridge_slave_1) entered disabled state
[   53.701898][ T4899] netlink: 156 bytes leftover after parsing attributes in process `syz.4.149'.
[   53.712980][ T4896] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   53.723722][ T4901] loop1: detected capacity change from 0 to 1024
[   53.725222][ T4901] EXT4-fs: Ignoring removed bh option
[   53.738560][ T4901] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   53.755995][ T4905] netlink: 156 bytes leftover after parsing attributes in process `syz.4.149'.
[   53.795990][ T4896] batman_adv: batadv0: Removing interface: batadv_slave_0
[   53.941054][ T4321] EXT4-fs (loop1): unmounting filesystem.
[   54.433257][   T27] audit: type=1326 audit(54.420:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4939 comm="syz.0.157" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff82775928 code=0x0
[   54.457457][ T4942] tipc: Started in network mode
[   54.458462][ T4942] tipc: Node identity 7f000001, cluster identity 4711
[   54.460422][ T4942] tipc: Enabled bearer <udp:syz2>, priority 10
[   54.466945][ T4942] loop2: detected capacity change from 0 to 16
[   54.481382][ T4310] udevd[4310]: incorrect erofs checksum on /dev/loop2
[   54.484562][ T4942] erofs: (device loop2): erofs_superblock_csum_verify: invalid checksum 0x80a9593b, 0x7bbbea8c expected
[   54.490897][ T4942] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[   55.383553][ T4978] netlink: 'syz.0.173': attribute type 1 has an invalid length.
[   55.750872][ T4984] loop2: detected capacity change from 0 to 16
[   55.764829][ T4984] erofs: (device loop2): mounted with root inode @ nid 36.
[   55.829732][ T4981] bond1: (slave vxcan1): The slave device specified does not support setting the MAC address
[   55.831355][ T4981] bond1: (slave vxcan1): Setting fail_over_mac to active for active-backup mode
[   55.834168][ T4981] bond1: (slave vxcan1): making interface the new active one
[   55.835864][ T4981] bond1: (slave vxcan1): Enslaving as an active interface with an up link
[   55.837218][   T14] tipc: Node number set to 2130706433
[   55.838756][ T4986] netlink: 4 bytes leftover after parsing attributes in process `syz.0.173'.
[   55.841686][ T4986] bond1 (unregistering): (slave vxcan1): Releasing backup interface
[   55.892412][ T4986] bond1 (unregistering): Released all slaves
[   57.937110][ T5046] bridge0: port 1(bridge_slave_0) entered disabled state
[   57.959643][ T5046] device bridge_slave_1 left promiscuous mode
[   57.961206][ T5046] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.006464][ T5046] device bridge_slave_0 left promiscuous mode
[   58.007523][ T5046] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.305618][ T5051] batman_adv: batadv0: Removing interface: batadv_slave_0
[   59.821685][ T5080] netlink: 24 bytes leftover after parsing attributes in process `syz.0.214'.
[   60.244503][ T5079] tipc: Started in network mode
[   60.245505][ T5079] tipc: Node identity ac14140f, cluster identity 4711
[   60.246758][ T5079] tipc: New replicast peer: 255.255.255.255
[   60.248383][ T5079] tipc: Enabled bearer <udp:syz2>, priority 10
[   60.656316][ T5098] A link change request failed with some changes committed already. Interface ip6gre0 may have been left with an inconsistent configuration, please check.
[   60.659506][ T5098] netlink: 28 bytes leftover after parsing attributes in process `syz.2.210'.
[   60.779827][ T5112] loop3: detected capacity change from 0 to 512
[   61.547475][ T4450] tipc: Node number set to 2886997007
[   61.557555][ T4322] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   61.560272][ T4322] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   61.561758][ T4322] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   61.563717][ T4322] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   61.565878][ T4322] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   61.567740][ T4322] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   61.569130][ T5122] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.570389][ T5122] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.582737][ T5126] device bridge_slave_1 left promiscuous mode
[   61.583782][ T5126] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.939803][ T5126] device bridge_slave_0 left promiscuous mode
[   61.947824][ T5126] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.060790][ T5141] binder: 5140:5141 tried to acquire reference to desc 0, got 1 instead
[   62.063768][ T5141] binder_alloc: 5140: pid 5140 spamming oneway? 1 buffers allocated for a total size of 4096
[   62.067014][ T4368] binder: release 5140:5141 transaction 10 out, still active
[   62.068442][ T4368] binder: undelivered TRANSACTION_COMPLETE
[   62.069532][ T4368] binder: undelivered TRANSACTION_COMPLETE
[   62.078027][ T4368] binder: send failed reply for transaction 10, target dead
[   62.079258][ T4368] binder: undelivered transaction 11, process died.
[   62.176361][    T9] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.264080][    T9] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.289510][ T5129] chnl_net:caif_netlink_parms(): no params data found
[   62.380076][    T9] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.426011][ T5129] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.427243][ T5129] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.428716][ T5129] device bridge_slave_0 entered promiscuous mode
[   62.430488][ T5129] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.431575][ T5129] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.436867][ T5129] device bridge_slave_1 entered promiscuous mode
[   62.584400][    T9] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.635640][ T5129] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.638504][ T5129] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.666093][ T5129] team0: Port device team_slave_0 added
[   62.667794][ T5129] team0: Port device team_slave_1 added
[   62.697794][ T5129] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.698801][ T5129] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.702948][ T5129] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.716925][ T5129] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.718132][ T5129] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.721958][ T5129] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.843480][ T5129] device hsr_slave_0 entered promiscuous mode
[   62.872404][ T5129] device hsr_slave_1 entered promiscuous mode
[   62.892255][ T5129] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   62.893512][ T5129] Cannot create hsr debugfs directory
[   62.947214][   T27] audit: type=1326 audit(62.930:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5187 comm="syz.1.245" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffffac575928 code=0x0
[   63.100943][ T5206] device bridge_slave_1 left promiscuous mode
[   63.102408][ T5206] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.116725][ T5206] device bridge_slave_0 left promiscuous mode
[   63.117843][ T5206] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.358821][ T5129] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   63.514005][ T5129] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   63.752926][ T4322] Bluetooth: hci0: command 0x0409 tx timeout
[   63.880541][ T5129] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   63.925778][ T5220] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   63.929901][ T5220] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   63.989585][ T5129] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   64.503355][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[   64.504481][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[   65.350422][ T5129] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.359534][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   65.361094][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   65.366264][ T5129] 8021q: adding VLAN 0 to HW filter on device team0
[   65.373589][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   65.375212][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   65.376811][ T5225] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.377961][ T5225] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.379324][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   65.380674][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   65.381937][ T5225] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.383088][ T5225] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.405794][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   65.412795][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   65.414414][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   65.583385][    T9] bond1: (slave gretap1): Releasing active interface
[   65.605351][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   65.607396][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   65.609076][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   65.624317][ T5129] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   65.626564][ T5129] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   65.632613][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   65.634657][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   65.636393][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   65.638057][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   65.640345][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   65.642676][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   65.648697][ T5225] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   65.794593][ T4326] Bluetooth: hci0: command 0x041b tx timeout
[   65.804283][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   65.805596][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   65.813746][ T5129] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.070937][ T5361] netlink: 'syz.0.267': attribute type 1 has an invalid length.
[   66.115816][ T5361] 8021q: adding VLAN 0 to HW filter on device bond2
[   66.117483][ T5361] bond1: (slave bond2): making interface the new active one
[   66.118816][ T5361] bond1: (slave bond2): Enslaving as an active interface with an up link
[   66.120222][ T4403] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   66.121779][ T4403] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   66.129864][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   66.131410][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   66.134260][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   66.135695][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   66.144618][ T5371] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   66.144618][ T5371] The task syz.2.274 (5371) triggered the difference, watch for misbehavior.
[   66.424536][ T5361] netlink: 4 bytes leftover after parsing attributes in process `syz.0.267'.
[   66.427968][ T5361] bond1 (unregistering): (slave bond2): Releasing backup interface
[   66.457308][ T5361] bond1 (unregistering): Released all slaves
[   66.461570][ T5129] device veth0_vlan entered promiscuous mode
[   66.465320][ T5129] device veth1_vlan entered promiscuous mode
[   66.475613][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   66.476990][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   66.482823][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   66.485611][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   66.510501][    T9] device hsr_slave_0 left promiscuous mode
[   66.535545][    T9] device hsr_slave_1 left promiscuous mode
[   66.550405][ T5386] loop1: detected capacity change from 0 to 1024
[   66.682395][    T9] device veth1_macvtap left promiscuous mode
[   66.683615][    T9] device veth0_macvtap left promiscuous mode
[   66.684614][    T9] device veth1_vlan left promiscuous mode
[   66.685562][    T9] device veth0_vlan left promiscuous mode
[   66.735640][    T9] bond1 (unregistering): Released all slaves
[   67.852158][ T4322] Bluetooth: hci0: command 0x040f tx timeout
[   69.623095][   T22] cfg80211: failed to load regulatory.db
[   69.932556][ T4326] Bluetooth: hci0: command 0x0419 tx timeout
[   70.833984][    T9] bond0 (unregistering): Released all slaves
[   71.224329][ T5129] device veth0_macvtap entered promiscuous mode
[   71.226963][ T5129] device veth1_macvtap entered promiscuous mode
[   71.231275][ T5129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.240738][ T5129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.242919][ T5129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.244758][ T5129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.246935][ T5129] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.249672][ T5129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.254102][ T5129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.255521][ T5129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.257038][ T5129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.258400][ T5129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.262567][ T5129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.265306][ T5129] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.266496][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   71.268125][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   71.269660][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   71.271126][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   71.277804][ T5129] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.279240][ T5129] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.280454][ T5129] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.281718][ T5129] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.308701][ T1644] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.310031][ T1644] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.319085][ T4403] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   71.328274][ T4403] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.329624][ T4403] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.331666][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   71.493300][ T5418] loop4: detected capacity change from 0 to 512
[   74.025521][ T4326] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   74.027667][ T4326] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   74.029432][ T4326] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   74.031442][ T4329] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   74.033401][ T4329] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[   74.034776][ T4329] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   74.292310][ T5493] netlink: 24 bytes leftover after parsing attributes in process `syz.2.294'.
[   74.311894][ T5502] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   74.314829][ T5502] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   74.388121][ T5509] netlink: 24 bytes leftover after parsing attributes in process `syz.1.299'.
[   75.482118][    C0] sched: RT throttling activated
[   75.501564][ T5474] chnl_net:caif_netlink_parms(): no params data found
[   75.607807][ T5474] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.608901][ T5474] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.620156][ T5474] device bridge_slave_0 entered promiscuous mode
[   75.634614][ T5474] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.637474][ T5474] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.652320][ T5474] device bridge_slave_1 entered promiscuous mode
[   75.738769][ T5474] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.741401][ T5474] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   76.092342][ T4326] Bluetooth: hci4: command 0x0409 tx timeout
[   76.101712][ T5474] team0: Port device team_slave_0 added
[   76.108752][ T5474] team0: Port device team_slave_1 added
[   76.135097][ T5474] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.136251][ T5474] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.146478][ T5474] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   76.151919][ T5474] batman_adv: batadv0: Adding interface: batadv_slave_1
[   76.154921][ T5474] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.159007][ T5474] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   76.162665][ T5558] netlink: 24 bytes leftover after parsing attributes in process `syz.1.310'.
[   76.224177][ T5474] device hsr_slave_0 entered promiscuous mode
[   76.262759][ T5474] device hsr_slave_1 entered promiscuous mode
[   76.362100][ T5474] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   76.365220][ T5474] Cannot create hsr debugfs directory
[   76.829838][ T5474] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   76.832896][ T5577] Injecting memory failure for pfn 0x132dc7 at process virtual address 0x20003000
[   76.835416][ T5577] Memory failure: 0x132dc7: Failed to invalidate
[   76.836410][ T5577] Memory failure: 0x132dc7: clean unevictable LRU page still referenced by 2 users
[   76.838058][ T5577] Memory failure: 0x132dc7: recovery action for clean unevictable LRU page: Failed
[   76.876719][ T5580] netlink: 4 bytes leftover after parsing attributes in process `syz.5.316'.
[   76.965238][ T5474] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   77.005575][ T5474] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   77.057194][ T5474] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   77.205469][ T5474] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.218014][ T4699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   77.219459][ T4699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   77.229337][ T5474] 8021q: adding VLAN 0 to HW filter on device team0
[   77.233421][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   77.234932][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   77.236466][ T1644] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.237655][ T1644] bridge0: port 1(bridge_slave_0) entered forwarding state
[   77.246951][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   77.251519][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   77.257152][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   77.263097][ T1644] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.264143][ T1644] bridge0: port 2(bridge_slave_1) entered forwarding state
[   77.269307][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   77.274215][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   77.281469][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   77.290920][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   77.299553][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   77.304685][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   77.315811][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   77.317822][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   77.320045][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   77.326930][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   77.328581][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   77.331002][ T5474] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   77.436943][ T4699] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   77.438221][ T4699] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   77.445423][ T5474] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.929313][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   77.940082][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   77.947560][ T5474] device veth0_vlan entered promiscuous mode
[   77.950728][ T5474] device veth1_vlan entered promiscuous mode
[   77.958568][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   77.960101][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   77.961640][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   77.963378][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   77.964870][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   77.981315][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   77.983182][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   77.984864][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   77.989139][ T5474] device veth0_macvtap entered promiscuous mode
[   77.993940][ T5474] device veth1_macvtap entered promiscuous mode
[   78.004802][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.008606][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.010848][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.013184][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.015049][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   78.016809][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.019063][ T5474] batman_adv: batadv0: Interface activated: batadv_slave_0
[   78.021298][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.023214][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.024817][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.026729][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.028430][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.030172][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.031942][ T5474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.041340][ T5474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.214820][ T5474] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.217460][ T5474] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.220003][ T5474] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.224538][ T5474] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.228035][ T5474] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.267620][ T4490] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.268884][ T4490] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.282618][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.283852][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.305069][ T4322] Bluetooth: hci4: command 0x041b tx timeout
[   78.321401][ T5653] netlink: 'syz.1.328': attribute type 4 has an invalid length.
[   78.396017][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   78.397536][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   78.398825][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   78.400310][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   78.401865][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   78.412638][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   78.415077][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   78.416378][ T4488] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   78.422172][ T5655] netlink: 'syz.1.328': attribute type 4 has an invalid length.
[   78.566441][ T5673] netlink: 'syz.1.334': attribute type 10 has an invalid length.
[   78.578889][ T5673] 8021q: adding VLAN 0 to HW filter on device bond0
[   78.601089][ T5673] team0: Port device bond0 added
[   78.761351][ T5690] netlink: 12 bytes leftover after parsing attributes in process `syz.6.342'.
[   79.003214][ T5703] netlink: 12 bytes leftover after parsing attributes in process `syz.0.346'.
[   79.021406][ T5703] bridge0: port 1(vlan2) entered blocking state
[   79.032470][ T5703] bridge0: port 1(vlan2) entered disabled state
[   79.268424][ T5705] loop6: detected capacity change from 0 to 40427
[   79.274128][ T5715] overlayfs: failed to clone upperpath
[   79.380757][ T5705] F2FS-fs (loop6): Found nat_bits in checkpoint
[   79.403755][ T5705] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[   80.332245][ T4326] Bluetooth: hci4: command 0x040f tx timeout
[   80.649928][ T5705] syz.6.347: attempt to access beyond end of device
[   80.649928][ T5705] loop6: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   80.957613][ T5756] netlink: 24 bytes leftover after parsing attributes in process `syz.2.367'.
[   80.960769][ T5756] netlink: 24 bytes leftover after parsing attributes in process `syz.2.367'.
[   80.982474][ T5758] 9pnet: p9_errstr2errno: server reported unknown error /
[   81.743161][ T5778] netlink: 12 bytes leftover after parsing attributes in process `syz.5.373'.
[   81.816658][ T5781] netlink: 24 bytes leftover after parsing attributes in process `syz.5.375'.
[   82.564949][ T4322] Bluetooth: hci4: command 0x0419 tx timeout
[   82.956168][ T5794] binder: 5793:5794 tried to acquire reference to desc 0, got 1 instead
[   82.958514][ T5794] binder: 5793:5794 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[   82.960398][ T5794] binder: 5794 RLIMIT_NICE not set
[   83.297208][ T5794] binder: 5794 RLIMIT_NICE not set
[   83.301101][ T5791] binder: release 5793:5805 transaction 16 out, still active
[   83.302425][ T5791] binder: undelivered TRANSACTION_COMPLETE
[   83.305544][ T1644] kworker/u4:4: attempt to access beyond end of device
[   83.305544][ T1644] loop6: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[   83.315166][ T5782] netlink: 36 bytes leftover after parsing attributes in process `syz.0.374'.
[   83.326595][  T113] binder: release 5793:5794 transaction 16 in, still active
[   83.327735][  T113] binder: send failed reply for transaction 16, target dead
[   84.326699][ T5837] netlink: 24 bytes leftover after parsing attributes in process `syz.0.390'.
[   84.570381][ T5810] loop5: detected capacity change from 0 to 131072
[   84.596649][ T5810] F2FS-fs (loop5): invalid crc value
[   84.947739][ T5810] F2FS-fs (loop5): Found nat_bits in checkpoint
[   84.977258][ T5858] netlink: 4 bytes leftover after parsing attributes in process `syz.6.396'.
[   84.978778][ T5810] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[   84.993903][ T5858] team1 (uninitialized): Failed to send options change via netlink (err -105)
[   85.069712][ T5858] device team1 entered promiscuous mode
[   87.003998][ T5910] Illegal XDP return value 65535 on prog  (id 81) dev N/A, expect packet loss!
[   88.574679][ T5938] block nbd5: shutting down sockets
[   89.044686][ T5960] loop6: detected capacity change from 0 to 764
[   90.001070][ T5977] netlink: 24 bytes leftover after parsing attributes in process `syz.0.420'.
[   90.022787][ T5978] netlink: 8 bytes leftover after parsing attributes in process `syz.2.419'.
[   90.026223][ T5978] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[   90.027523][ T5974] netlink: 24 bytes leftover after parsing attributes in process `syz.1.421'.
[   90.085894][ T5974] netlink: 4 bytes leftover after parsing attributes in process `syz.1.421'.
[   90.297127][ T6002] fuse: Bad value for 'fd'
[   90.837916][ T4322] Bluetooth: hci3: link tx timeout
[   90.839640][ T4322] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[   92.400982][ T6070] netlink: 4 bytes leftover after parsing attributes in process `syz.2.438'.
[   92.897061][ T4322] Bluetooth: hci3: command 0x0406 tx timeout
[   93.035362][ T6081] loop5: detected capacity change from 0 to 764
[   93.954889][ T6135] netlink: 12 bytes leftover after parsing attributes in process `syz.1.450'.
[   93.995785][ T6135] device macvlan2 entered promiscuous mode
[   93.997715][ T6135] device bond1 entered promiscuous mode
[   93.999064][ T6135] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   94.042912][ T6135] device bond1 left promiscuous mode
[   94.774477][ T6159] loop6: detected capacity change from 0 to 164
[   94.868763][ T6159] isofs_fill_super: root inode is not a directory. Corrupted media?
[   98.581203][   T27] audit: type=1326 audit(98.560:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.5.469" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7fc00000
[   98.602981][   T27] audit: type=1326 audit(98.560:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.5.469" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffff94b75928 code=0x7fc00000
[   98.605990][   T27] audit: type=1326 audit(98.560:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.5.469" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7fc00000
[   98.609122][   T27] audit: type=1326 audit(98.560:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.5.469" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7fc00000
[   98.655508][   T27] audit: type=1326 audit(98.560:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.5.469" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7fc00000
[   98.668874][   T27] audit: type=1326 audit(98.560:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.5.469" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7fc00000
[   98.686906][   T27] audit: type=1326 audit(98.560:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.5.469" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7fc00000
[   98.707870][   T27] audit: type=1326 audit(98.560:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.5.469" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7fc00000
[   98.711049][   T27] audit: type=1326 audit(98.560:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.5.469" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7fc00000
[   98.714378][   T27] audit: type=1326 audit(98.560:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6200 comm="syz.5.469" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7fc00000
[   99.737095][ T6237] loop5: detected capacity change from 0 to 1024
[   99.878666][ T6237] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  100.017735][ T6246] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  100.071118][ T5129] EXT4-fs (loop5): unmounting filesystem.
[  100.355913][ T6258] cgroup: No subsys list or none specified
[  100.761172][ T6265] capability: warning: `syz.1.487' uses deprecated v2 capabilities in a way that may be insecure
[  103.195284][ T6311] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  103.197168][ T6311] 8021q: adding VLAN 0 to HW filter on device bond0
[  103.199494][ T6311] 8021q: adding VLAN 0 to HW filter on device team0
[  103.242359][ T6311] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  103.255773][ T6319] netlink: 12 bytes leftover after parsing attributes in process `syz.1.505'.
[  103.259016][ T6319] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  103.260416][ T6319] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  103.261716][ T6319] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  103.263018][ T6319] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  103.267139][ T6319] netlink: 12 bytes leftover after parsing attributes in process `syz.1.505'.
[  103.322097][ T6330] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  103.326387][ T6330] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  103.760441][ T6343] device syzkaller0 entered promiscuous mode
[  104.874237][ T6373] loop5: detected capacity change from 0 to 2048
[  104.908616][ T6373] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  104.911546][ T6373] UDF-fs: Scanning with blocksize 512 failed
[  104.917575][ T6373] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  105.362713][ T4490] kworker/u4:9: attempt to access beyond end of device
[  105.362713][ T4490] loop5: rw=1, sector=2048, nr_sectors = 2 limit=2048
[  105.364895][ T4490] Buffer I/O error on dev loop5, logical block 1024, lost async page write
[  105.594167][ T4490] kworker/u4:9: attempt to access beyond end of device
[  105.594167][ T4490] loop5: rw=1, sector=2048, nr_sectors = 2 limit=2048
[  105.614861][ T4490] Buffer I/O error on dev loop5, logical block 1024, lost async page write
[  105.621468][ T4490] kworker/u4:9: attempt to access beyond end of device
[  105.621468][ T4490] loop5: rw=1, sector=2048, nr_sectors = 2 limit=2048
[  105.726169][ T4490] Buffer I/O error on dev loop5, logical block 1024, lost async page write
[  105.733628][ T4490] kworker/u4:9: attempt to access beyond end of device
[  105.733628][ T4490] loop5: rw=1, sector=2048, nr_sectors = 2 limit=2048
[  105.738965][ T4490] Buffer I/O error on dev loop5, logical block 1024, lost async page write
[  105.742617][ T4490] kworker/u4:9: attempt to access beyond end of device
[  105.742617][ T4490] loop5: rw=1, sector=2050, nr_sectors = 2 limit=2048
[  105.746330][ T4490] Buffer I/O error on dev loop5, logical block 1025, lost async page write
[  105.759729][ T4490] kworker/u4:9: attempt to access beyond end of device
[  105.759729][ T4490] loop5: rw=1, sector=2050, nr_sectors = 2 limit=2048
[  105.761935][ T4490] Buffer I/O error on dev loop5, logical block 1025, lost async page write
[  105.766109][ T4490] kworker/u4:9: attempt to access beyond end of device
[  105.766109][ T4490] loop5: rw=1, sector=2050, nr_sectors = 2 limit=2048
[  105.768113][ T4490] Buffer I/O error on dev loop5, logical block 1025, lost async page write
[  105.769473][ T4490] kworker/u4:9: attempt to access beyond end of device
[  105.769473][ T4490] loop5: rw=1, sector=2050, nr_sectors = 2 limit=2048
[  105.771652][ T4490] Buffer I/O error on dev loop5, logical block 1025, lost async page write
[  105.773159][ T4490] kworker/u4:9: attempt to access beyond end of device
[  105.773159][ T4490] loop5: rw=1, sector=2052, nr_sectors = 2 limit=2048
[  105.775488][ T4490] Buffer I/O error on dev loop5, logical block 1026, lost async page write
[  105.776932][ T4490] kworker/u4:9: attempt to access beyond end of device
[  105.776932][ T4490] loop5: rw=1, sector=2052, nr_sectors = 2 limit=2048
[  105.779208][ T4490] Buffer I/O error on dev loop5, logical block 1026, lost async page write
[  106.232771][ T6403] fuse: Bad value for 'fd'
[  106.246922][ T6405] batman_adv: batadv0: Adding interface: dummy0
[  106.248228][ T6405] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  106.253294][ T6405] batman_adv: batadv0: Interface activated: dummy0
[  106.263296][ T6405] batadv0: mtu less than device minimum
[  106.266032][ T6405] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  106.269132][ T6405] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  106.272163][ T6405] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  106.275205][ T6405] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  106.278177][ T6405] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  106.281220][ T6405] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  106.284222][ T6405] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  106.707136][ T6419] netlink: 8 bytes leftover after parsing attributes in process `syz.5.530'.
[  108.319577][ T6467] tipc: Started in network mode
[  108.320531][ T6467] tipc: Node identity 4, cluster identity 4711
[  108.321448][ T6467] tipc: Node number set to 4
[  108.519853][ T6473] ptrace attach of "./syz-executor exec"[4325] was attempted by "./syz-executor exec"[6473]
[  108.998985][    C1] vcan0: j1939_tp_rxtimer: 0x00000000b65d53cc: rx timeout, send abort
[  110.070650][    C1] vcan0: j1939_tp_rxtimer: 0x00000000f9ef114d: rx timeout, send abort
[  110.071977][    C1] vcan0: j1939_tp_rxtimer: 0x00000000b65d53cc: abort rx timeout. Force session deactivation
[  110.145114][ T6497] batman_adv: batadv0: Adding interface: dummy0
[  110.146165][ T6497] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  110.149937][ T6497] batman_adv: batadv0: Interface activated: dummy0
[  110.158091][ T6497] net_ratelimit: 12 callbacks suppressed
[  110.158101][ T6497] batadv0: mtu less than device minimum
[  110.161846][ T6497] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.165121][ T6497] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.168047][ T6497] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.171132][ T6497] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.174140][ T6497] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.177236][ T6497] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.180183][ T6497] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.183191][ T6497] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.186190][ T6497] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  110.571962][    C1] vcan0: j1939_tp_rxtimer: 0x00000000f9ef114d: abort rx timeout. Force session deactivation
[  110.629947][ T6509] binder: 6508:6509 tried to acquire reference to desc 0, got 1 instead
[  110.634700][ T4388] binder: release 6508:6509 transaction 21 out, still active
[  110.635928][ T4388] binder: undelivered TRANSACTION_COMPLETE
[  110.651587][ T4388] binder: send failed reply for transaction 21, target dead
[  110.675165][ T6511] netlink: 182 bytes leftover after parsing attributes in process `syz.1.559'.
[  111.119608][ T6525] loop5: detected capacity change from 0 to 2048
[  111.195582][ T6525] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  111.286116][ T6528] Invalid option length (1032005) for dns_resolver key
[  111.537632][ T6525] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  113.113559][ T6552] loop5: detected capacity change from 0 to 164
[  113.200932][ T6552] isofs_fill_super: root inode is not a directory. Corrupted media?
[  113.958512][ T5392] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  114.026058][ T6566] netlink: 'syz.1.575': attribute type 1 has an invalid length.
[  114.056972][ T6566] bond2: (slave veth11): Enslaving as an active interface with a down link
[  114.108047][ T6570] netlink: 4 bytes leftover after parsing attributes in process `syz.1.575'.
[  114.111315][ T6570] bond2 (unregistering): (slave veth11): Releasing active interface
[  114.126114][ T6573] netlink: 'syz.0.576': attribute type 11 has an invalid length.
[  114.213975][ T6580] netlink: 'syz.0.576': attribute type 11 has an invalid length.
[  114.225182][ T6570] bond2 (unregistering): Released all slaves
[  115.705701][   T27] kauditd_printk_skb: 56 callbacks suppressed
[  115.705717][   T27] audit: type=1326 audit(115.690:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6597 comm="syz.0.584" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff82775928 code=0x0
[  115.807703][ T6605] 9pnet_fd: p9_fd_create_tcp (6605): problem connecting socket to 127.0.0.1
[  116.905821][ T6627] netlink: 'syz.1.592': attribute type 1 has an invalid length.
[  116.968596][ T6627] 8021q: adding VLAN 0 to HW filter on device bond2
[  117.014508][ T6627] bond2: (slave gretap1): making interface the new active one
[  117.018002][ T6627] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  117.019564][ T4403] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  117.346744][ T6636] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  117.410609][ T6634] netlink: 8 bytes leftover after parsing attributes in process `syz.6.595'.
[  117.491504][ T6643] dns_resolver: Unsupported server list version (0)
[  118.081555][ T6651] netlink: 'syz.5.599': attribute type 1 has an invalid length.
[  118.087699][ T6651] device bond1 entered promiscuous mode
[  118.088879][ T6651] 8021q: adding VLAN 0 to HW filter on device bond1
[  118.106728][ T6651] bond1: (slave bridge2): making interface the new active one
[  118.108108][ T6651] device bridge2 entered promiscuous mode
[  118.109575][ T6651] bond1: (slave bridge2): Enslaving as an active interface with an up link
[  118.110184][ T6650] overlayfs: upper fs is r/o, try multi-lower layers mount
[  118.111013][ T4489] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  118.138751][ T6651] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  118.144625][ T6651] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  118.251832][ T6663] device ipip0 entered promiscuous mode
[  121.167753][   T27] audit: type=1326 audit(121.150:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.5.623" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  121.171304][   T27] audit: type=1326 audit(121.150:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.5.623" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  121.189771][   T27] audit: type=1326 audit(121.150:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.5.623" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=8 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  121.215591][   T27] audit: type=1326 audit(121.150:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.5.623" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  121.232603][   T27] audit: type=1326 audit(121.150:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.5.623" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  121.240375][   T27] audit: type=1326 audit(121.150:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.5.623" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff94b588ec code=0x7ffc0000
[  121.245952][   T27] audit: type=1326 audit(121.150:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.5.623" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff94b588ec code=0x7ffc0000
[  121.252516][   T27] audit: type=1326 audit(121.150:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.5.623" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  121.282834][   T27] audit: type=1326 audit(121.150:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.5.623" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  121.286425][   T27] audit: type=1326 audit(121.150:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6722 comm="syz.5.623" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=40 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  121.670789][ T6738] binder: 6737:6738 tried to acquire reference to desc 0, got 1 instead
[  121.677232][ T6738] binder: 6737:6738 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  121.679465][ T6738] binder: 6738 RLIMIT_NICE not set
[  121.680303][ T6738] binder: 6738 RLIMIT_NICE not set
[  121.688691][ T6738] binder: 6737:6738 got new transaction with bad transaction stack, transaction 32 has target 6737:6738
[  121.690546][ T6738] binder: 6737:6738 transaction call to 6737:0 failed 33/29201/-71, size 0-0 line 3105
[  121.696484][  T113] binder: release 6737:6738 transaction 32 out, still active
[  121.697633][  T113] binder: undelivered TRANSACTION_COMPLETE
[  121.698580][  T113] binder: undelivered TRANSACTION_ERROR: 29201
[  121.720591][  T113] binder: release 6737:6738 transaction 32 in, still active
[  121.721762][  T113] binder: send failed reply for transaction 32, target dead
[  121.722758][ T6736] device vlan2 entered promiscuous mode
[  122.284024][ T6758] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  122.297341][ T6758] bond0: (slave bond_slave_0): Releasing backup interface
[  122.333624][ T6758] bond0: (slave bond_slave_1): Releasing backup interface
[  122.761795][ T6758] team0: Port device team_slave_0 removed
[  122.776452][ T6758] team0: Port device team_slave_1 removed
[  122.780399][ T6758] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  122.785202][ T6758] batman_adv: batadv0: Removing interface: batadv_slave_1
[  122.819373][ T6760] team0: Mode changed to "loadbalance"
[  122.821038][ T6764] device vlan0 entered promiscuous mode
[  122.836467][ T6764] team0: Port device vlan0 added
[  122.837548][ T6770] netlink: 'syz.2.636': attribute type 10 has an invalid length.
[  122.852044][ T6770] 8021q: adding VLAN 0 to HW filter on device bond0
[  122.857345][ T6770] team0: Failed to send port change of device bond0 via netlink (err -105)
[  122.858968][ T6770] team0: Failed to send options change via netlink (err -105)
[  122.860393][ T6770] team0: Port device bond0 added
[  122.862385][ T6769] tipc: Enabled bearer <eth:team0>, priority 0
[  122.864402][ T4490] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  122.980654][ T6783] overlayfs: failed to clone lowerpath
[  123.087887][ T6791] netlink: 'syz.0.642': attribute type 10 has an invalid length.
[  124.053428][ T6804] netlink: 12 bytes leftover after parsing attributes in process `syz.2.651'.
[  124.098343][ T6804] bond1: (slave bridge0): Enslaving as an active interface with an up link
[  124.132894][ T6804] device bond1 entered promiscuous mode
[  124.133838][ T6804] device bridge0 entered promiscuous mode
[  124.169287][ T6814] loop6: detected capacity change from 0 to 128
[  124.248583][ T6821] team0: Port device bond0 removed
[  124.250224][ T6821] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  124.255924][ T6821] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  124.280274][ T6821] bond0: (slave bond_slave_0): Releasing backup interface
[  124.345105][ T6821] bond0: (slave bond_slave_1): Releasing backup interface
[  125.189155][ T6821] team0: Port device team_slave_0 removed
[  125.210878][ T6821] team0: Port device team_slave_1 removed
[  125.225339][ T6821] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  125.231136][ T6821] batman_adv: batadv0: Removing interface: batadv_slave_0
[  125.240313][ T6821] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  125.241527][ T6821] batman_adv: batadv0: Removing interface: batadv_slave_1
[  125.258772][ T6821] batman_adv: batadv0: Removing interface: ip6gretap1
[  125.264910][ T6821] batman_adv: batadv0: Removing interface: veth3
[  125.276466][ T6821] bond2: (slave gretap1): Releasing active interface
[  125.328003][ T6825] netlink: 'syz.1.659': attribute type 10 has an invalid length.
[  125.340612][ T6825] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  125.368607][ T6835] netlink: 'syz.5.662': attribute type 13 has an invalid length.
[  125.654391][ T6835] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  125.657569][ T6835] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  125.787385][ T6860] netlink: 'syz.5.671': attribute type 1 has an invalid length.
[  125.932563][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  125.934310][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  126.562514][ T6860] 8021q: adding VLAN 0 to HW filter on device bond2
[  126.677954][ T6860] bond2: (slave gretap1): making interface the new active one
[  126.680240][ T6860] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  126.690432][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  127.195804][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  127.208075][ T6880] team0: Port device vlan0 removed
[  127.217471][ T4403] tipc: Resetting bearer <eth:team0>
[  127.578537][ T6884] netlink: 4 bytes leftover after parsing attributes in process `syz.2.678'.
[  127.581428][ T6884] netlink: 24 bytes leftover after parsing attributes in process `syz.2.678'.
[  127.623823][ T6886] netlink: 'syz.0.679': attribute type 1 has an invalid length.
[  127.641573][ T6886] bond1: (slave gretap1): making interface the new active one
[  127.646937][ T6886] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  127.657141][ T6886] netlink: 44 bytes leftover after parsing attributes in process `syz.0.679'.
[  127.659760][ T6886] device bond1 entered promiscuous mode
[  127.660615][ T6886] device gretap1 entered promiscuous mode
[  127.662059][ T6886] 8021q: adding VLAN 0 to HW filter on device bond1
[  127.694712][ T6889] overlayfs: failed to clone upperpath
[  127.717735][ T6893] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off.
[  127.721710][ T6893] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  128.106236][ T6901] loop6: detected capacity change from 0 to 64
[  129.347300][   T27] kauditd_printk_skb: 20 callbacks suppressed
[  129.347309][   T27] audit: type=1326 audit(129.330:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6911 comm="syz.0.689" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff82775928 code=0x0
[  131.324606][ T6940] netlink: 12 bytes leftover after parsing attributes in process `syz.1.696'.
[  131.365859][ T6940] device veth13 entered promiscuous mode
[  131.367472][ T6940] bridge0: port 1(veth13) entered blocking state
[  131.368694][ T6940] bridge0: port 1(veth13) entered disabled state
[  131.370610][ T6940] bridge0: port 1(veth13) entered blocking state
[  131.371701][ T6940] bridge0: port 1(veth13) entered forwarding state
[  131.374624][   T11] bridge0: port 1(veth13) entered disabled state
[  131.399446][ T6940] device veth15 entered promiscuous mode
[  131.401090][ T6940] bridge0: port 2(veth15) entered blocking state
[  131.405118][ T6940] bridge0: port 2(veth15) entered disabled state
[  131.406846][ T6940] bridge0: port 2(veth15) entered blocking state
[  131.407801][ T6940] bridge0: port 2(veth15) entered forwarding state
[  131.420402][   T11] bridge0: port 2(veth15) entered disabled state
[  131.507946][ T6946] lo: Caught tx_queue_len zero misconfig
[  134.808372][ T6990] loop5: detected capacity change from 0 to 32768
[  135.235319][ T7010] tmpfs: Bad value for 'mpol'
[  136.171564][ T7021] ERROR: (device loop5): txAbort: 
[  136.171564][ T7021] 
[  136.193557][ T7021] ERROR: (device loop5): remounting filesystem as read-only
[  136.296494][ T7028] netlink: 4 bytes leftover after parsing attributes in process `syz.2.722'.
[  136.309525][ T7028] netlink: 12 bytes leftover after parsing attributes in process `syz.2.722'.
[  136.382098][ T7033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  136.388526][ T7033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  136.394155][ T7033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  136.396414][ T7033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.024732][ T7120] netlink: 4 bytes leftover after parsing attributes in process `syz.6.750'.
[  141.980605][ T7145] netlink: 8 bytes leftover after parsing attributes in process `syz.0.757'.
[  141.982341][ T7145] netlink: 12 bytes leftover after parsing attributes in process `syz.0.757'.
[  141.985233][ T7145] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  141.986625][ T7145] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  141.987942][ T7145] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  141.989293][ T7145] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  141.993191][ T7145] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  141.994780][ T7145] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  142.519216][ T7155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.761'.
[  142.591949][ T4326] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  142.593935][ T4326] CPU: 1 PID: 4326 Comm: kworker/u5:3 Not tainted syzkaller #0
[  142.595128][ T4326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  142.596726][ T4326] Workqueue: hci4 hci_rx_work
[  142.597478][ T4326] Call trace:
[  142.598014][ T4326]  dump_backtrace+0x1c0/0x1ec
[  142.598777][ T4326]  show_stack+0x2c/0x3c
[  142.599438][ T4326]  __dump_stack+0x30/0x40
[  142.600136][ T4326]  dump_stack_lvl+0xf4/0x15c
[  142.600872][ T4326]  dump_stack+0x1c/0x5c
[  142.601560][ T4326]  sysfs_create_dir_ns+0x244/0x264
[  142.602485][ T4326]  kobject_add_internal+0x598/0xb08
[  142.603369][ T4326]  kobject_add+0x140/0x20c
[  142.604080][ T4326]  device_add+0x3f0/0xf90
[  142.604802][ T4326]  hci_conn_add_sysfs+0xbc/0x1c8
[  142.605617][ T4326]  le_conn_complete_evt+0xcc8/0x1244
[  142.606594][ T4326]  hci_le_conn_complete_evt+0x114/0x3f4
[  142.607464][ T4326]  hci_le_meta_evt+0x2c0/0x4a0
[  142.608199][ T4326]  hci_event_packet+0x6b8/0xf18
[  142.608958][ T4326]  hci_rx_work+0x324/0xa80
[  142.609662][ T4326]  process_one_work+0x7f8/0x13a4
[  142.610426][ T4326]  worker_thread+0x8c4/0xfec
[  142.611145][ T4326]  kthread+0x250/0x2d8
[  142.611807][ T4326]  ret_from_fork+0x10/0x20
[  142.613157][ T4326] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  142.615458][ T4326] Bluetooth: hci4: failed to register connection device
[  142.621281][ T7161] netlink: 24 bytes leftover after parsing attributes in process `syz.6.763'.
[  142.649248][ T7163] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  143.200677][ T7180] loop5: detected capacity change from 0 to 2048
[  143.211042][ T7180] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  143.638546][ T7191] netlink: 24 bytes leftover after parsing attributes in process `syz.1.774'.
[  143.715947][ T7191] netlink: 4 bytes leftover after parsing attributes in process `syz.1.774'.
[  147.133037][ T7256] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  147.135037][ T7256] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  147.141547][ T7256] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  147.144004][ T7256] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  147.149241][ T7254] netlink: 4 bytes leftover after parsing attributes in process `syz.1.793'.
[  148.030629][ T7270] tipc: Failed to remove unknown binding: 66,1,1/0:2914206523/2914206525
[  148.035915][ T7268] netlink: 'syz.2.797': attribute type 16 has an invalid length.
[  148.036895][ T7270] tipc: Failed to remove unknown binding: 66,1,1/0:2914206523/2914206525
[  148.037126][ T7268] netlink: 'syz.2.797': attribute type 17 has an invalid length.
[  148.038607][ T7270] tipc: Failed to remove unknown binding: 66,1,1/0:2914206523/2914206525
[  148.123428][ T7279] netlink: 12 bytes leftover after parsing attributes in process `syz.6.803'.
[  148.214301][ T7283] netlink: 24 bytes leftover after parsing attributes in process `syz.5.799'.
[  149.537398][ T7279] device gre1 entered promiscuous mode
[  149.538576][ T7279] bond1: (slave gre1): The slave device specified does not support setting the MAC address
[  149.549513][ T7279] bond1: (slave gre1): Error -95 calling set_mac_address
[  149.562322][ T7290] team_slave_1: Caught tx_queue_len zero misconfig
[  149.724384][ T7288] device macvlan2 entered promiscuous mode
[  149.725511][ T7288] bond1: (slave macvlan2): Error -99 calling set_mac_address
[  150.240025][ T7311] 8021q: adding VLAN 0 to HW filter on device bond0
[  150.247201][ T7311] team0: Port device bond0 added
[  150.361529][ T7311] team0: Failed to send port change of device bond0 via netlink (err -105)
[  150.370260][ T7311] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.372877][ T7311] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.376221][ T7311] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[  150.378474][ T7311] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[  150.468968][ T7325] 8021q: adding VLAN 0 to HW filter on device bond2
[  150.478973][ T7325] device veth0 entered promiscuous mode
[  150.483123][ T7325] bond2: (slave macvlan2): making interface the new active one
[  150.484819][ T7325] bond2: (slave macvlan2): Enslaving as an active interface with an up link
[  150.487669][ T4699] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  150.986811][ T7337] netlink: 24 bytes leftover after parsing attributes in process `syz.1.819'.
[  151.030421][ T7339] tipc: Started in network mode
[  151.031279][ T7339] tipc: Node identity fe800000000000000000000000000016, cluster identity 4711
[  151.035597][ T7339] tipc: Enabled bearer <udp:syz1>, priority 10
[  151.040641][ T7341] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  151.047329][ T7341] tipc: Enabled bearer <eth:team0>, priority 0
[  151.554619][ T7354] netlink: 24 bytes leftover after parsing attributes in process `syz.6.826'.
[  151.564433][ T7354] netlink: 28 bytes leftover after parsing attributes in process `syz.6.826'.
[  151.593463][ T7349] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  152.707911][  T113] tipc: Node number set to 4269801494
[  152.994073][ T7388] "syz.1.833" (7388) uses obsolete ecb(arc4) skcipher
[  154.588281][ T7409] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  155.036238][ T7420] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370
[  156.307528][ T7445] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  156.309124][ T7445] device syzkaller0 entered promiscuous mode
[  156.314871][ T7445] tipc: Resetting bearer <eth:syzkaller0>
[  156.317755][ T7444] tipc: Resetting bearer <eth:syzkaller0>
[  156.426239][ T7444] tipc: Disabling bearer <eth:syzkaller0>
[  156.517443][ T7452] device wg1 entered promiscuous mode
[  157.440502][ T7470] netlink: 'syz.0.864': attribute type 1 has an invalid length.
[  157.455446][ T7470] 8021q: adding VLAN 0 to HW filter on device bond3
[  157.468790][ T7470] bond3: (slave ip6gretap1): making interface the new active one
[  157.471384][ T7470] bond3: (slave ip6gretap1): Enslaving as an active interface with an up link
[  158.917239][ T4329] Bluetooth: hci1: command 0x0406 tx timeout
[  158.917272][ T4322] Bluetooth: hci3: command 0x0406 tx timeout
[  158.918236][ T4329] Bluetooth: hci2: command 0x0406 tx timeout
[  158.998321][ T7515] netlink: 8 bytes leftover after parsing attributes in process `syz.2.880'.
[  159.001132][ T7515] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  159.004408][ T7511] device syzkaller0 entered promiscuous mode
[  160.332372][ T7525] netlink: 1032 bytes leftover after parsing attributes in process `syz.2.880'.
[  162.041481][ T7575] netlink: 'syz.0.894': attribute type 10 has an invalid length.
[  162.345102][ T7575] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  162.360716][ T7579] 8021q: adding VLAN 0 to HW filter on device bond4
[  163.219689][ T7591] netlink: 12 bytes leftover after parsing attributes in process `syz.6.898'.
[  163.361159][ T7591] device macvlan3 entered promiscuous mode
[  163.366294][ T7591] device bond3 entered promiscuous mode
[  163.370772][ T7591] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  163.855221][ T7591] device bond3 left promiscuous mode
[  163.964484][ T7599] netlink: 24 bytes leftover after parsing attributes in process `syz.0.900'.
[  164.255087][ T7602] lo: Caught tx_queue_len zero misconfig
[  164.302577][ T7605] netlink: 'syz.1.903': attribute type 10 has an invalid length.
[  164.307791][ T7605] bond0: (slave netdevsim0): Releasing backup interface
[  164.393678][ T7605] team0: Port device netdevsim0 added
[  164.781346][   T27] audit: type=1326 audit(164.760:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  164.785412][   T27] audit: type=1326 audit(164.760:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  164.790401][ T7620] netlink: 1347 bytes leftover after parsing attributes in process `syz.5.908'.
[  164.791714][   T27] audit: type=1326 audit(164.770:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  164.799151][   T27] audit: type=1326 audit(164.770:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  164.806645][   T27] audit: type=1326 audit(164.770:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  164.812048][   T27] audit: type=1326 audit(164.770:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=206 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  164.817959][   T27] audit: type=1326 audit(164.770:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  164.825152][   T27] audit: type=1326 audit(164.770:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=207 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  164.830603][   T27] audit: type=1326 audit(164.770:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  164.845070][   T27] audit: type=1326 audit(164.770:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.5.908" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff94b75928 code=0x7ffc0000
[  166.431199][ T7657] netlink: 12 bytes leftover after parsing attributes in process `syz.2.917'.
[  167.111249][ T7657] device macvlan3 entered promiscuous mode
[  167.117749][ T7657] device bond2 entered promiscuous mode
[  167.118930][ T7657] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  167.313284][ T7657] device bond2 left promiscuous mode
[  168.030130][ T7684] device bridge2 entered promiscuous mode
[  169.352510][ T7709] cgroup: No subsys list or none specified
[  170.500131][ T7730] loop5: detected capacity change from 0 to 16
[  170.505990][ T7730] erofs: (device loop5): mounted with root inode @ nid 36.
[  171.502455][   T27] kauditd_printk_skb: 13 callbacks suppressed
[  171.502468][   T27] audit: type=1326 audit(171.480:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7720 comm="syz.6.940" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7fc00000
[  171.515091][   T27] audit: type=1326 audit(171.480:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7720 comm="syz.6.940" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffff9ef75928 code=0x7fc00000
[  171.530612][   T27] audit: type=1326 audit(171.480:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7720 comm="syz.6.940" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7fc00000
[  171.536536][   T27] audit: type=1326 audit(171.490:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7720 comm="syz.6.940" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7fc00000
[  171.542523][   T27] audit: type=1326 audit(171.490:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7720 comm="syz.6.940" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7fc00000
[  171.548084][   T27] audit: type=1326 audit(171.490:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7720 comm="syz.6.940" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7fc00000
[  171.561367][   T27] audit: type=1326 audit(171.490:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7720 comm="syz.6.940" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7fc00000
[  171.569233][   T27] audit: type=1326 audit(171.490:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7720 comm="syz.6.940" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7fc00000
[  171.577005][   T27] audit: type=1326 audit(171.490:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7720 comm="syz.6.940" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7fc00000
[  171.581567][   T27] audit: type=1326 audit(171.490:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7720 comm="syz.6.940" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7fc00000
[  174.181326][ T7796] loop5: detected capacity change from 0 to 256
[  174.195978][ T7796] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  176.445890][ T7851] binder: 7850:7851 tried to acquire reference to desc 0, got 1 instead
[  176.448425][ T7851] binder: 7850:7851 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  176.450592][ T7851] binder: 7851 RLIMIT_NICE not set
[  176.451499][ T7851] binder: 7851 RLIMIT_NICE not set
[  176.454825][ T7851] binder: 7851 RLIMIT_NICE not set
[  176.455847][ T7851] binder: 7850:7851 got transaction with invalid offset (48, min 0 max 88) or object.
[  176.457437][ T7851] binder: 7850:7851 transaction reply to 7850:7851 failed 39/29201/-22, size 88-24 line 3346
[  176.459195][ T7851] binder: send failed reply for transaction 38 to 7850:7851
[  176.468489][ T3897] binder: undelivered TRANSACTION_COMPLETE
[  176.469586][ T3897] binder: undelivered TRANSACTION_ERROR: 29201
[  176.470705][ T3897] binder: undelivered TRANSACTION_ERROR: 29190
[  178.974227][ T7883] autofs4:pid:7883:autofs_fill_super: called with bogus options
[  179.802579][ T7894] netlink: 'syz.5.1002': attribute type 1 has an invalid length.
[  179.827220][ T7894] 8021q: adding VLAN 0 to HW filter on device bond3
[  180.178506][ T7894] bond3: (slave gretap2): making interface the new active one
[  180.181095][ T7894] bond3: (slave gretap2): Enslaving as an active interface with an up link
[  180.185317][ T6993] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[  180.904877][ T7914] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.965070][ T7914] net_ratelimit: 10 callbacks suppressed
[  180.965076][ T7914] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  181.428278][ T7919] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1001'.
[  181.494310][ T7919] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1001'.
[  184.339690][ T4326] Bluetooth: hci0: command 0x0406 tx timeout
[  184.482862][ T7964] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  184.939990][ T7971] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1019'.
[  184.941724][ T7971] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1019'.
[  187.393467][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  187.394545][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  192.360091][ T8096] Invalid option length (1032005) for dns_resolver key
[  192.527331][ T8110] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  192.841656][ T8113] sctp: [Deprecated]: syz.6.1061 (pid 8113) Use of struct sctp_assoc_value in delayed_ack socket option.
[  192.841656][ T8113] Use struct sctp_sack_info instead
[  193.452916][ T4403] af_packet: tpacket_rcv: packet too big, clamped from 38 to 4294967286. macoff=82
[  196.182759][ T8173] Cannot find add_set index 0 as target
[  198.275332][ T8215] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  198.279532][ T8215] tipc: Resetting bearer <eth:team0>
[  198.373435][ T8215] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  198.377679][ T8222] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  198.393635][ T8222] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  198.405455][ T8222] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  198.423578][ T8222] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  198.738766][ T8222] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  198.751894][ T8222] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  198.754145][ T8222] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  198.875708][ T8241] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1099'.
[  199.992881][ T8238] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1100'.
[  199.994173][ T8238] netlink: 'syz.5.1100': attribute type 30 has an invalid length.
[  199.998129][ T8238] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  199.999408][ T8238] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  200.000847][ T8238] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  200.002310][ T8238] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  200.027047][ T8238] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1100'.
[  200.042233][ T8238] netlink: 'syz.5.1100': attribute type 30 has an invalid length.
[  200.149351][ T8260] netlink: 'syz.6.1106': attribute type 1 has an invalid length.
[  200.159811][ T8260] device bond4 entered promiscuous mode
[  200.160859][ T8260] 8021q: adding VLAN 0 to HW filter on device bond4
[  200.172500][ T4326] Bluetooth: hci4: command 0x0406 tx timeout
[  200.480080][ T8263] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  200.483431][ T8260] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1106'.
[  200.490993][ T8260] bond4: (slave bridge2): making interface the new active one
[  200.492504][ T8260] device bridge2 entered promiscuous mode
[  200.494386][ T8260] bond4: (slave bridge2): Enslaving as an active interface with an up link
[  200.495800][ T1644] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready
[  200.610229][ T8277] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1111'.
[  201.013719][ T8289] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  201.135659][ T8299] netlink: 'syz.2.1118': attribute type 1 has an invalid length.
[  201.146369][ T8299] 8021q: adding VLAN 0 to HW filter on device bond3
[  201.153576][ T8299] device veth5 entered promiscuous mode
[  201.156250][ T8299] bond3: (slave veth5): Enslaving as an active interface with a down link
[  201.161974][ T8299] bond3: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  201.650594][ T8312] batman_adv: batadv0: Local translation table size (148) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[  202.726542][ T8328] device ipip0 entered promiscuous mode
[  202.823607][ T8336] overlayfs: failed to clone upperpath
[  203.236359][ T8346] syz.1.1130 uses obsolete (PF_INET,SOCK_PACKET)
[  203.260605][ T8330] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1129'.
[  203.303011][ T8349] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1131'.
[  203.932331][ T8375] dns_resolver: Unsupported server list version (0)
[  204.061867][ T4329] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11
[  204.647857][ T4329] Bluetooth: hci1: Malformed Event: 0x48
[  206.817557][   T27] kauditd_printk_skb: 57 callbacks suppressed
[  206.817567][   T27] audit: type=1326 audit(206.800:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffac575928 code=0x7ffc0000
[  206.827178][   T27] audit: type=1326 audit(206.810:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=8 compat=0 ip=0xffffac575928 code=0x7ffc0000
[  207.467816][   T27] audit: type=1326 audit(207.450:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffac575928 code=0x7ffc0000
[  207.471416][   T27] audit: type=1326 audit(207.450:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffac575928 code=0x7ffc0000
[  207.475579][   T27] audit: type=1326 audit(207.450:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=40 compat=0 ip=0xffffac575928 code=0x7ffc0000
[  207.479409][   T27] audit: type=1326 audit(207.450:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffac575928 code=0x7ffc0000
[  207.486597][   T27] audit: type=1326 audit(207.450:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffffac575928 code=0x7ffc0000
[  207.493577][   T27] audit: type=1326 audit(207.450:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffac575928 code=0x7ffc0000
[  207.498073][   T27] audit: type=1326 audit(207.450:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=434 compat=0 ip=0xffffac575928 code=0x7ffc0000
[  207.502741][   T27] audit: type=1326 audit(207.450:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8441 comm="syz.1.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffac575928 code=0x7ffc0000
[  208.388850][ T8472] ptrace attach of "./syz-executor exec"[4325] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  208.600577][ T8479] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1169'.
[  208.627955][ T8479] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[  208.629482][ T8479] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[  208.630967][ T8479] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[  208.634013][ T8479] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[  208.637572][ T8479] bond4: (slave geneve2): Enslaving as an active interface with an up link
[  208.640715][ T8479] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1169'.
[  208.645892][ T8479] bond4 (unregistering): (slave geneve2): Releasing backup interface
[  208.684724][ T8479] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 20000 - 0
[  208.686480][ T8479] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 20000 - 0
[  208.687941][ T8479] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 20000 - 0
[  208.689435][ T8479] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 20000 - 0
[  208.735749][ T8479] bond4 (unregistering): Released all slaves
[  210.187058][ T8514] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1179'.
[  210.187573][ T8516] netlink: 'syz.2.1190': attribute type 1 has an invalid length.
[  210.189410][ T8514] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1179'.
[  210.201018][ T8516] 8021q: adding VLAN 0 to HW filter on device bond4
[  210.225100][ T8516] bond4: (slave gretap1): making interface the new active one
[  210.227355][ T8516] bond4: (slave gretap1): Enslaving as an active interface with an up link
[  210.228950][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready
[  214.153453][ T8559] device wg1 entered promiscuous mode
[  215.426730][   T27] kauditd_printk_skb: 8 callbacks suppressed
[  215.426740][   T27] audit: type=1326 audit(215.410:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8576 comm="syz.1.1201" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffac575928 code=0x0
[  216.304357][ T8595] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1206'.
[  216.325775][ T8595] device veth11 entered promiscuous mode
[  216.327420][ T8595] bridge2: port 1(veth11) entered blocking state
[  216.328588][ T8595] bridge2: port 1(veth11) entered disabled state
[  216.331280][ T8595] bridge2: port 1(veth11) entered blocking state
[  216.332298][ T8595] bridge2: port 1(veth11) entered forwarding state
[  216.348994][ T8595] device veth13 entered promiscuous mode
[  216.350511][ T8595] bridge2: port 2(veth13) entered blocking state
[  216.351736][ T8595] bridge2: port 2(veth13) entered disabled state
[  216.354033][ T8595] bridge2: port 2(veth13) entered blocking state
[  216.355077][ T8595] bridge2: port 2(veth13) entered forwarding state
[  216.360065][    T9] bridge2: port 1(veth11) entered disabled state
[  216.366406][    T9] bridge2: port 2(veth13) entered disabled state
[  218.073320][   T27] audit: type=1326 audit(218.060:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8634 comm="syz.5.1218" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x0
[  218.209208][ T8645] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1220'.
[  218.438439][ T8651] netlink: 'syz.6.1221': attribute type 1 has an invalid length.
[  218.454614][ T8651] 8021q: adding VLAN 0 to HW filter on device bond5
[  218.459724][ T8653] bond5: (slave gretap1): making interface the new active one
[  218.461918][ T8653] bond5: (slave gretap1): Enslaving as an active interface with an up link
[  218.463720][ T5893] IPv6: ADDRCONF(NETDEV_CHANGE): bond5: link becomes ready
[  220.422010][ T8672] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1228'.
[  220.464503][ T8672] bond5: (slave bridge3): Enslaving as an active interface with an up link
[  220.485785][ T8672] device bond5 entered promiscuous mode
[  220.490920][ T8672] device bridge3 entered promiscuous mode
[  222.226544][ T8707] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1239'.
[  222.254438][ T8707] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1239'.
[  229.374123][ T8807] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  230.870626][ T8814] netlink: 'syz.1.1271': attribute type 10 has an invalid length.
[  230.888006][ T8824] overlayfs: failed to clone upperpath
[  230.891842][ T8814] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.898056][ T8824] overlayfs: failed to clone upperpath
[  230.923197][ T8814] team0: Failed to send port change of device bond0 via netlink (err -105)
[  230.934931][ T8814] team0: Failed to send options change via netlink (err -105)
[  230.946978][ T8814] team0: Port device bond0 added
[  231.007845][ T8834] netlink: 'syz.2.1274': attribute type 10 has an invalid length.
[  231.021544][ T8833] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  231.051127][ T8833] tipc: Resetting bearer <eth:team0>
[  231.055372][ T8833] tipc: Resetting bearer <eth:team0>
[  231.086167][ T5893] tipc: Resetting bearer <eth:team0>
[  231.087207][ T8837] netlink: 'syz.1.1277': attribute type 16 has an invalid length.
[  231.088408][ T8837] netlink: 'syz.1.1277': attribute type 17 has an invalid length.
[  231.305830][ T8845] bond0: (slave syz_tun): Releasing backup interface
[  232.258154][ T8845] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  232.259944][ T8845] tipc: Resetting bearer <eth:team0>
[  232.267073][ T8845] bond1: (slave gretap1): Releasing active interface
[  232.268250][ T8845] device gretap1 left promiscuous mode
[  232.296565][ T8845] bond3: (slave ip6gretap1): Releasing active interface
[  232.347381][ T8845] bridge2: port 1(veth11) entered disabled state
[  232.383108][ T8845] bridge2: port 2(veth13) entered disabled state
[  232.435694][ T8845] bond5: (slave bridge3): Releasing backup interface
[  232.473453][ T8845] device bridge3 left promiscuous mode
[  232.481909][ T8843] device vlan2 entered promiscuous mode
[  234.363059][ T8893] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1305'.
[  235.409030][ T8901] "syz.0.1294" (8901) uses obsolete ecb(arc4) skcipher
[  237.834677][ T8957] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1310'.
[  237.925285][ T8963] tipc: Failed to remove unknown binding: 66,1,1/4269801494:1123492725/1123492727
[  237.928182][ T8963] tipc: Failed to remove unknown binding: 66,1,1/4269801494:1123492725/1123492727
[  237.929650][ T8963] tipc: Failed to remove unknown binding: 66,1,1/4269801494:1123492725/1123492727
[  238.428784][ T8978] netlink: 'syz.5.1316': attribute type 1 has an invalid length.
[  238.464631][ T8978] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1316'.
[  239.462574][ T8978] device bond4 entered promiscuous mode
[  239.463718][ T8978] 8021q: adding VLAN 0 to HW filter on device bond4
[  239.944833][ T9000] netlink: 'syz.5.1327': attribute type 10 has an invalid length.
[  239.955764][ T9000] team0: Port device netdevsim0 added
[  240.003548][ T9002] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1326'.
[  240.090379][ T9001] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1322'.
[  241.086971][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.518282][ T9033] netlink: 'syz.2.1336': attribute type 1 has an invalid length.
[  241.578431][ T9033] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1336'.
[  241.588858][ T9033] device bond5 entered promiscuous mode
[  241.589902][ T9033] 8021q: adding VLAN 0 to HW filter on device bond5
[  242.613578][ T9055] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1343'.
[  242.633269][ T9055] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1343'.
[  245.202656][ T9074] team0: Port device bond0 removed
[  245.203940][ T9074] batman_adv: batadv0: Interface deactivated: dummy0
[  245.205052][ T9074] batman_adv: batadv0: Removing interface: dummy0
[  245.208473][ T9074] device bridge_slave_0 left promiscuous mode
[  245.209577][ T9074] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.634073][ T9074] device bridge_slave_1 left promiscuous mode
[  245.638324][ T9074] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.015682][ T9074] bond0: (slave bond_slave_0): Releasing backup interface
[  246.051791][ T9074] bond0: (slave bond_slave_1): Releasing backup interface
[  246.118585][ T9074] team0: Port device team_slave_0 removed
[  246.128714][ T9074] team0: Port device team_slave_1 removed
[  246.130085][ T9074] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  246.131482][ T9074] batman_adv: batadv0: Removing interface: batadv_slave_0
[  246.136378][ T9074] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  246.137657][ T9074] batman_adv: batadv0: Removing interface: batadv_slave_1
[  246.143798][ T9074] bond2: (slave macvlan2): Releasing backup interface
[  246.168829][ T9074] device veth0 left promiscuous mode
[  246.864483][ T9074] bond4: (slave bridge2): Releasing backup interface
[  246.865722][ T9074] device bridge2 left promiscuous mode
[  246.917314][ T9074] bond5: (slave gretap1): Releasing active interface
[  246.975868][ T9098] device bridge3 entered promiscuous mode
[  249.092465][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  249.095918][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  250.302029][ T9169] team0: Port device bond0 removed
[  250.306131][ T9169] tipc: Resetting bearer <eth:team0>
[  250.432993][ T9169] team0: Port device netdevsim0 removed
[  250.437152][ T9169] bridge0: port 1(veth13) entered disabled state
[  250.878963][ T9169] bridge0: port 2(veth15) entered disabled state
[  250.967061][ T9177] netlink: 'syz.6.1375': attribute type 1 has an invalid length.
[  250.981882][ T9177] 8021q: adding VLAN 0 to HW filter on device bond6
[  253.014403][ T9210] overlayfs: failed to clone upperpath
[  254.360240][ T9232] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  254.361518][ T9232] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  254.386317][ T9232] device bridge_slave_0 left promiscuous mode
[  254.391648][ T9232] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.443452][ T9232] device bridge_slave_1 left promiscuous mode
[  254.444575][ T9232] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.485876][ T9232] bond0: (slave bond_slave_0): Releasing backup interface
[  254.511196][ T9236] MPTCP: kernel_bind error, err=-99
[  254.526632][ T9232] bond0: (slave bond_slave_1): Releasing backup interface
[  254.616706][ T9232] team0: Port device team_slave_0 removed
[  254.701758][ T9232] team0: Port device team_slave_1 removed
[  254.782964][ T9233] 9pnet_fd: p9_fd_create_tcp (9233): problem connecting socket to 127.0.0.1
[  254.916735][ T9232] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.917951][ T9232] batman_adv: batadv0: Removing interface: batadv_slave_0
[  254.943124][ T9232] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.944327][ T9232] batman_adv: batadv0: Removing interface: batadv_slave_1
[  254.972641][ T9232] team0: Port device netdevsim0 removed
[  254.975163][ T9232] bond1: (slave bridge2): Releasing backup interface
[  254.976259][ T9232] device bridge2 left promiscuous mode
[  255.016303][ T9232] bond2: (slave gretap1): Releasing active interface
[  255.049628][ T9232] bond3: (slave gretap2): Releasing active interface
[  255.320120][ T9241] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1395'.
[  255.341892][ T9243] team0: Port device bond0 removed
[  255.343554][ T9243] batman_adv: batadv0: Interface deactivated: dummy0
[  255.356266][ T9243] batman_adv: batadv0: Removing interface: dummy0
[  255.358530][ T9243] bond0: (slave bond_slave_0): Releasing backup interface
[  255.383079][ T9243] bond0: (slave bond_slave_1): Releasing backup interface
[  255.414724][ T9243] team0: Port device team_slave_0 removed
[  255.416510][ T9243] team0: Port device team_slave_1 removed
[  255.417583][ T9243] batman_adv: batadv0: Removing interface: batadv_slave_1
[  255.423335][ T9243] bond1: (slave bridge0): Releasing backup interface
[  255.487331][ T9243] device bridge0 left promiscuous mode
[  255.492769][ T9243] bond3: (slave veth5): Releasing active interface
[  255.949019][ T9243] bond4: (slave gretap1): Releasing active interface
[  255.999515][ T9241] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  256.001125][ T9241] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  256.005897][ T9241] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  256.007356][ T9241] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  256.010952][ T9241] bond5: (slave geneve2): Enslaving as an active interface with an up link
[  256.016161][ T9250] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1395'.
[  256.031602][ T9250] bond5 (unregistering): (slave geneve2): Releasing backup interface
[  256.063886][ T9250] netdevsim netdevsim5 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  256.065465][ T9250] netdevsim netdevsim5 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  256.067038][ T9250] netdevsim netdevsim5 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  256.068513][ T9250] netdevsim netdevsim5 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  256.116190][ T9250] bond5 (unregistering): Released all slaves
[  257.172855][ T9281] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  258.125221][ T9305] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  258.126349][ T9305] IPv6: NLM_F_CREATE should be set when creating new route
[  259.968659][ T9305] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  259.970127][ T9305] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  259.971729][ T9305] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  259.973280][ T9305] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  260.187781][ T9305] device bond1 left promiscuous mode
[  260.232331][ T9305] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  260.233904][ T9305] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  260.235320][ T9305] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  260.236667][ T9305] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  260.279980][ T9305] device bond4 left promiscuous mode
[  260.283626][ T9305] device bridge3 left promiscuous mode
[  260.389284][ T9319] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1413'.
[  260.390727][ T9319] netlink: 'syz.1.1413': attribute type 30 has an invalid length.
[  260.713789][ T9326] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1416'.
[  260.731681][ T9328] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1416'.
[  260.757542][ T9345] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1420'.
[  260.814213][ T9319] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1413'.
[  260.818925][ T9319] netlink: 'syz.1.1413': attribute type 30 has an invalid length.
[  262.637230][ T9383] netlink: 'syz.1.1428': attribute type 1 has an invalid length.
[  262.647433][ T9383] 8021q: adding VLAN 0 to HW filter on device bond3
[  262.726262][ T4329] Bluetooth: hci4: Malformed Event: 0x48
[  263.846414][ T9395] ptrace attach of "./syz-executor exec"[4321] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  264.169607][ T9379] lo: Caught tx_queue_len zero misconfig
[  266.195327][ T9428] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1436'.
[  266.197268][ T9429] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  269.738344][ T4329] Bluetooth: hci3: Malformed Event: 0x48
[  272.324090][ T9505] ptrace attach of "./syz-executor exec"[4332] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  273.543520][ T9525] device wg1 entered promiscuous mode
[  274.987889][ T9534] A link change request failed with some changes committed already. Interface veth0_vlan may have been left with an inconsistent configuration, please check.
[  276.662391][ T9554] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  277.089246][ T9565] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1487'.
[  277.094884][ T9565] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  277.552962][ T9572] netlink: 1032 bytes leftover after parsing attributes in process `syz.0.1487'.
[  277.633659][ T9574] ptrace attach of "./syz-executor exec"[5474] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  279.326942][ T9599] ptrace attach of "./syz-executor exec"[5129] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  279.738739][ T9601] device wg1 entered promiscuous mode
[  279.976573][ T9615] netlink: 'syz.6.1486': attribute type 10 has an invalid length.
[  280.039480][ T9620] "syz.2.1485" (9620) uses obsolete ecb(arc4) skcipher
[  281.011395][ T9615] team0: Port device netdevsim0 added
[  282.874141][ T9652] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1498'.
[  288.167528][ T9713] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1515'.
[  288.170252][ T9713] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[  288.178535][ T9713] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1515'.
[  288.180018][ T9713] IPv6: ADDRCONF(NETDEV_CHANGE): gre3: link becomes ready
[  290.100853][ T9744] sctp: [Deprecated]: syz.6.1521 (pid 9744) Use of struct sctp_assoc_value in delayed_ack socket option.
[  290.100853][ T9744] Use struct sctp_sack_info instead
[  292.936844][ T9785] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  292.962480][ T9781] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1530'.
[  292.965806][ T9781] device vlan2 entered promiscuous mode
[  292.966911][ T9781] device bond0 entered promiscuous mode
[  295.627795][ T9831] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1544'.
[  296.531893][ T9848] 
: renamed from bond_slave_0
[  298.005452][ T9868] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1553'.
[  298.710302][ T9884] x_tables: ip_tables: icmp match: only valid for protocol 1
[  299.740808][ T9896] MPTCP: kernel_bind error, err=-99
[  300.122253][ T9904] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  300.124427][ T9904] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  300.125522][ T9904] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  300.126690][ T9904] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  300.127835][ T9904] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  300.128942][ T9904] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  300.130054][ T9904] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  300.131199][ T9904] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  300.132348][ T9904] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  300.133492][ T9904] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  300.642875][ T9911] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1564'.
[  300.942977][ T9920] syz.1.1568 sent an empty control message without MSG_MORE.
[  301.728406][ T9925] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1570'.
[  303.223026][ T9942] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1574'.
[  305.728641][ T9989] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  305.739114][ T9989] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  305.743349][ T9989] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  306.269870][ T9997] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1590'.
[  307.252373][   T27] audit: type=1326 audit(307.230:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10014 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7ffc0000
[  307.259036][   T27] audit: type=1326 audit(307.230:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10014 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffff9ef75928 code=0x7ffc0000
[  307.264729][   T27] audit: type=1326 audit(307.230:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10014 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7ffc0000
[  307.271326][   T27] audit: type=1326 audit(307.230:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10014 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff9ef588ec code=0x7ffc0000
[  307.282948][   T27] audit: type=1326 audit(307.230:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10014 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7ffc0000
[  307.287152][   T27] audit: type=1326 audit(307.230:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10014 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff9ef75928 code=0x7ffc0000
[  307.290611][   T27] audit: type=1326 audit(307.230:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10014 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7ffc0000
[  307.295686][   T27] audit: type=1326 audit(307.230:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10014 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=220 compat=0 ip=0xffff9ef75928 code=0x7ffc0000
[  307.304472][   T27] audit: type=1326 audit(307.260:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10014 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ef75928 code=0x7ffc0000
[  307.307839][   T27] audit: type=1326 audit(307.260:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10014 comm="syz.6.1596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=117 compat=0 ip=0xffff9ef75928 code=0x7ffc0000
[  307.766855][T10011] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  307.773625][T10026] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1599'.
[  307.783188][T10026] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1599'.
[  308.669192][T10044] netlink: 'syz.1.1606': attribute type 10 has an invalid length.
[  308.670556][T10044] tipc: Resetting bearer <eth:team0>
[  308.689097][T10044] tipc: Resetting bearer <eth:team0>
[  308.690429][T10044] 8021q: adding VLAN 0 to HW filter on device team0
[  308.694319][T10044] bond0: (slave team0): Enslaving as an active interface with an up link
[  308.729646][T10044] 8021q: adding VLAN 0 to HW filter on device bond4
[  309.089111][T10044] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  309.091224][T10044] bond4: (slave macvlan2): Enslaving as a backup interface with an up link
[  309.215721][   T11] net_ratelimit: 5266 callbacks suppressed
[  309.215732][   T11] bond4: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  309.220412][ T4489] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready
[  310.733196][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  310.734340][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  311.303646][   T11] bond4: (slave macvlan2): link status up again after 0 ms
[  311.304973][   T11] bond4: (slave macvlan2): failed to get link speed/duplex
[  311.418649][ T6560] bond4: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  312.215676][ T4489] bond4: (slave macvlan2): failed to get link speed/duplex
[  312.270081][T10072] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  312.289155][T10083] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1611'.
[  312.322520][ T6904] bond4: (slave macvlan2): failed to get link speed/duplex
[  312.433160][ T4410] bond4: (slave macvlan2): failed to get link speed/duplex
[  312.876873][   T39] bond4: (slave macvlan2): failed to get link speed/duplex
[  313.014014][ T4489] bond4: (slave macvlan2): failed to get link speed/duplex
[  313.132492][ T4329] Bluetooth: hci0: command 0x0406 tx timeout
[  313.155998][T10101] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1617'.
[  313.162211][T10082] bond4: (slave macvlan2): failed to get link speed/duplex
[  313.282659][ T1644] bond4: (slave macvlan2): failed to get link speed/duplex
[  314.982045][T10112] ceph: No mds server is up or the cluster is laggy
[  315.330554][T10126] kthread_run failed with err -4
[  315.616551][ T4410] net_ratelimit: 4 callbacks suppressed
[  315.616565][ T4410] bond4: (slave macvlan2): failed to get link speed/duplex
[  315.722521][ T4489] bond4: (slave macvlan2): failed to get link speed/duplex
[  317.243854][ T4490] bond4: (slave macvlan2): failed to get link speed/duplex
[  317.373533][ T4489] bond4: (slave macvlan2): failed to get link speed/duplex
[  317.396778][T10154] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1634'.
[  317.492576][T10159] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1633'.
[  317.503428][ T6904] bond4: (slave macvlan2): failed to get link speed/duplex
[  317.504853][T10159] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1633'.
[  318.155190][ T4489] bond4: (slave macvlan2): failed to get link speed/duplex
[  319.012698][ T4403] bond4: (slave macvlan2): failed to get link speed/duplex
[  319.150795][ T4410] bond4: (slave macvlan2): failed to get link speed/duplex
[  319.655990][ T8956] bond4: (slave macvlan2): failed to get link speed/duplex
[  319.889317][   T11] bond4: (slave macvlan2): failed to get link speed/duplex
[  320.784924][ T6993] net_ratelimit: 1 callbacks suppressed
[  320.784935][ T6993] bond4: (slave macvlan2): failed to get link speed/duplex
[  321.964297][T10204] bond4: (slave macvlan2): failed to get link speed/duplex
[  322.606186][ T4410] bond4: (slave macvlan2): failed to get link speed/duplex
[  323.733061][ T7589] bond4: (slave macvlan2): failed to get link speed/duplex
[  323.852944][ T4699] bond4: (slave macvlan2): failed to get link speed/duplex
[  324.961608][ T7589] bond4: (slave macvlan2): failed to get link speed/duplex
[  325.788428][ T4326] Bluetooth: hci1: command 0x0406 tx timeout
[  325.805839][T10253] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1660'.
[  325.812476][    T9] bond4: (slave macvlan2): failed to get link speed/duplex
[  325.980398][ T4410] bond4: (slave macvlan2): failed to get link speed/duplex
[  327.715123][ T5911] bond4: (slave macvlan2): failed to get link speed/duplex
[  327.823326][ T7589] bond4: (slave macvlan2): failed to get link speed/duplex
[  328.150882][ T4403] bond4: (slave macvlan2): failed to get link speed/duplex
[  328.257389][T10280] bond4: (slave macvlan2): failed to get link speed/duplex
[  328.264985][T10293] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1669'.
[  328.266492][T10293] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1669'.
[  328.359494][ T4329] Bluetooth: hci4: unexpected event 0x06 length: 4 > 3
[  328.372418][ T6932] bond4: (slave macvlan2): failed to get link speed/duplex
[  328.492370][ T7589] bond4: (slave macvlan2): failed to get link speed/duplex
[  329.370350][ T7589] bond4: (slave macvlan2): failed to get link speed/duplex
[  329.519969][T10280] bond4: (slave macvlan2): failed to get link speed/duplex
[  330.172411][ T4329] Bluetooth: hci4: command 0x2016 tx timeout
[  331.464884][ T8956] net_ratelimit: 4 callbacks suppressed
[  331.464898][ T8956] bond4: (slave macvlan2): failed to get link speed/duplex
[  331.606564][ T4403] bond4: (slave macvlan2): failed to get link speed/duplex
[  331.971907][ T4489] bond4: (slave macvlan2): failed to get link speed/duplex
[  332.082542][ T6904] bond4: (slave macvlan2): failed to get link speed/duplex
[  332.182713][ T4329] Bluetooth: hci2: command 0x0406 tx timeout
[  332.192552][ T5911] bond4: (slave macvlan2): failed to get link speed/duplex
[  332.302350][ T5893] bond4: (slave macvlan2): failed to get link speed/duplex
[  332.536759][ T4489] bond4: (slave macvlan2): failed to get link speed/duplex
[  332.575684][T10356] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1687'.
[  332.666479][ T5911] bond4: (slave macvlan2): failed to get link speed/duplex
[  334.318730][ T4326] Bluetooth: hci4: command 0x0406 tx timeout
[  334.329739][ T6993] bond4: (slave macvlan2): failed to get link speed/duplex
[  334.495618][T10383] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1693'.
[  334.500437][ T6904] bond4: (slave macvlan2): failed to get link speed/duplex
[  334.513107][T10383] netlink: 31 bytes leftover after parsing attributes in process `syz.0.1693'.
[  334.524745][T10383] netlink: 'syz.0.1693': attribute type 3 has an invalid length.
[  334.526072][T10383] netlink: 'syz.0.1693': attribute type 2 has an invalid length.
[  334.527131][T10383] netlink: 31 bytes leftover after parsing attributes in process `syz.0.1693'.
[  338.552830][T10280] net_ratelimit: 4 callbacks suppressed
[  338.552843][T10280] bond4: (slave macvlan2): failed to get link speed/duplex
[  338.685369][T10280] bond4: (slave macvlan2): failed to get link speed/duplex
[  338.709508][T10440] netlink: 'syz.5.1707': attribute type 1 has an invalid length.
[  338.747091][T10440] 8021q: adding VLAN 0 to HW filter on device bond5
[  338.960228][T10280] bond4: (slave macvlan2): failed to get link speed/duplex
[  339.063362][ T4489] bond4: (slave macvlan2): failed to get link speed/duplex
[  339.173423][ T4489] bond4: (slave macvlan2): failed to get link speed/duplex
[  339.202323][ T4543] libceph: connect (1)[c::]:6789 error -101
[  339.210479][ T4543] libceph: mon0 (1)[c::]:6789 connect error
[  339.282673][ T5893] bond4: (slave macvlan2): failed to get link speed/duplex
[  339.645207][T10451] ceph: No mds server is up or the cluster is laggy
[  339.668062][ T4489] bond4: (slave macvlan2): failed to get link speed/duplex
[  339.692493][ T4543] libceph: connect (1)[c::]:6789 error -101
[  339.732265][ T4543] libceph: mon0 (1)[c::]:6789 connect error
[  339.759285][T10467] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1721'.
[  339.827445][T10467] bridge3: port 1(veth11) entered blocking state
[  339.828676][T10467] bridge3: port 1(veth11) entered disabled state
[  339.830155][T10467] device veth11 entered promiscuous mode
[  339.832795][T10466] bond4: (slave macvlan2): failed to get link speed/duplex
[  339.889057][T10467] bridge3: port 2(veth0_to_bond) entered blocking state
[  339.890467][T10467] bridge3: port 2(veth0_to_bond) entered disabled state
[  339.893117][T10467] device veth0_to_bond entered promiscuous mode
[  339.900604][T10467] bridge3: port 3(veth13) entered blocking state
[  339.901746][T10467] bridge3: port 3(veth13) entered disabled state
[  339.903449][T10467] device veth13 entered promiscuous mode
[  340.506223][ T6932] bond4: (slave macvlan2): failed to get link speed/duplex
[  340.622426][ T5893] bond4: (slave macvlan2): failed to get link speed/duplex
[  343.084048][T10519] netlink: 'syz.0.1726': attribute type 1 has an invalid length.
[  343.166564][T10519] 8021q: adding VLAN 0 to HW filter on device bond6
[  343.612438][ T4403] net_ratelimit: 8 callbacks suppressed
[  343.612451][ T4403] bond4: (slave macvlan2): failed to get link speed/duplex
[  343.848930][ T6932] bond4: (slave macvlan2): failed to get link speed/duplex
[  343.962647][T10466] bond4: (slave macvlan2): failed to get link speed/duplex
[  344.077480][T10466] bond4: (slave macvlan2): failed to get link speed/duplex
[  345.150026][ T4488] bond4: (slave macvlan2): failed to get link speed/duplex
[  345.280754][ T5911] bond4: (slave macvlan2): failed to get link speed/duplex
[  345.477835][ T4488] bond4: (slave macvlan2): failed to get link speed/duplex
[  345.582715][ T6932] bond4: (slave macvlan2): failed to get link speed/duplex
[  345.692828][ T4403] bond4: (slave macvlan2): failed to get link speed/duplex
[  345.802351][ T6904] bond4: (slave macvlan2): failed to get link speed/duplex
[  348.890107][ T8763] net_ratelimit: 8 callbacks suppressed
[  348.890348][ T8763] bond4: (slave macvlan2): failed to get link speed/duplex
[  349.775196][ T8763] bond4: (slave macvlan2): failed to get link speed/duplex
[  350.536525][ T6904] bond4: (slave macvlan2): failed to get link speed/duplex
[  350.728372][T10629] netlink: 15 bytes leftover after parsing attributes in process `syz.0.1740'.
[  350.729891][T10629] netlink: 15 bytes leftover after parsing attributes in process `syz.0.1740'.
[  350.731329][T10629] netlink: 15 bytes leftover after parsing attributes in process `syz.0.1740'.
[  350.734440][T10629] netlink: 15 bytes leftover after parsing attributes in process `syz.0.1740'.
[  350.735798][T10629] netlink: 15 bytes leftover after parsing attributes in process `syz.0.1740'.
[  350.737867][T10629] netlink: 15 bytes leftover after parsing attributes in process `syz.0.1740'.
[  350.739362][T10629] netlink: 15 bytes leftover after parsing attributes in process `syz.0.1740'.
[  350.741356][T10629] netlink: 15 bytes leftover after parsing attributes in process `syz.0.1740'.
[  350.742951][T10629] netlink: 15 bytes leftover after parsing attributes in process `syz.0.1740'.
[  350.745083][T10629] netlink: 15 bytes leftover after parsing attributes in process `syz.0.1740'.
[  350.750981][T10629] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  350.759664][T10629] tipc: Resetting bearer <eth:team0>
[  350.764803][T10629] device wg1 left promiscuous mode
[  350.778774][T10629] device vlan0 left promiscuous mode
[  350.790586][T10629] device vlan2 left promiscuous mode
[  350.794003][T10629] device bond1 left promiscuous mode
[  350.798415][T10629] device veth11 left promiscuous mode
[  350.800756][T10629] device veth13 left promiscuous mode
[  350.802983][T10629] device bond5 left promiscuous mode
[  350.805257][T10629] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  350.896687][T10204] bond4: (slave macvlan2): failed to get link speed/duplex
[  351.002977][T10204] bond4: (slave macvlan2): failed to get link speed/duplex
[  351.112736][T10204] bond4: (slave macvlan2): failed to get link speed/duplex
[  351.226499][T10280] bond4: (slave macvlan2): failed to get link speed/duplex
[  351.240046][T10627] bridge3: port 1(veth23) entered blocking state
[  351.241222][T10627] bridge3: port 1(veth23) entered disabled state
[  351.242967][T10627] device veth23 entered promiscuous mode
[  351.266471][T10627] bridge3: port 2(veth0_to_bond) entered blocking state
[  351.267631][T10627] bridge3: port 2(veth0_to_bond) entered disabled state
[  351.276803][T10627] device veth0_to_bond entered promiscuous mode
[  351.291182][   T27] kauditd_printk_skb: 17 callbacks suppressed
[  351.291189][   T27] audit: type=1326 audit(351.270:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10632 comm="syz.5.1757" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff94b75928 code=0x0
[  351.296226][T10627] bridge3: port 3(veth25) entered blocking state
[  351.297630][T10627] bridge3: port 3(veth25) entered disabled state
[  351.299282][T10627] device veth25 entered promiscuous mode
[  351.369605][T10280] bond4: (slave macvlan2): failed to get link speed/duplex
[  351.583764][ T6904] bond4: (slave macvlan2): failed to get link speed/duplex
[  351.763638][ T5893] bond4: (slave macvlan2): failed to get link speed/duplex
[  352.782378][T10667] capability: warning: `syz.5.1765' uses 32-bit capabilities (legacy support in use)
[  352.873507][T10674] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  353.431100][T10683] bridge4: port 1(veth5) entered blocking state
[  353.432286][T10683] bridge4: port 1(veth5) entered disabled state
[  353.434608][T10683] device veth5 entered promiscuous mode
[  353.450032][T10683] bridge4: port 2(veth0_to_bond) entered blocking state
[  353.451185][T10683] bridge4: port 2(veth0_to_bond) entered disabled state
[  353.453724][T10683] device veth0_to_bond entered promiscuous mode
[  354.262779][T10204] net_ratelimit: 5 callbacks suppressed
[  354.262793][T10204] bond4: (slave macvlan2): failed to get link speed/duplex
[  354.320702][T10683] bridge4: port 3(veth7) entered blocking state
[  354.321880][T10683] bridge4: port 3(veth7) entered disabled state
[  354.324591][T10683] device veth7 entered promiscuous mode
[  354.534073][   T55] ------------[ cut here ]------------
[  354.535157][   T55] WARNING: CPU: 0 PID: 55 at io_uring/io_uring.c:2890 io_ring_exit_work+0x2e4/0x65c
[  354.536629][   T55] Modules linked in:
[  354.537252][   T55] CPU: 0 PID: 55 Comm: kworker/u4:3 Not tainted syzkaller #0
[  354.538430][   T55] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  354.540008][   T55] Workqueue: events_unbound io_ring_exit_work
[  354.540906][   T55] pstate: 82400005 (Nzcv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[  354.542090][   T55] pc : io_ring_exit_work+0x2e4/0x65c
[  354.542905][   T55] lr : io_ring_exit_work+0x2e0/0x65c
[  354.543738][   T55] sp : ffff80001cfc79c0
[  354.544381][   T55] x29: ffff80001cfc7b00 x28: dfff800000000000 x27: fffffffffffffffb
[  354.545611][   T55] x26: 0000000000001770 x25: ffff800012062400 x24: ffff0000f6c46260
[  354.546803][   T55] x23: ffff0000f6c46018 x22: 0000000000000003 x21: ffff0000f6c46000
[  354.548046][   T55] x20: 0000000000000000 x19: dfff800000000000 x18: ffff800011b7bf60
[  354.549213][   T55] x17: 1fffe00033eaab7e x16: ffff8000082ef028 x15: ffff8000151fd000
[  354.550428][   T55] x14: 0000000000000001 x13: 1ffff000039f8f18 x12: 0000000000ff0100
[  354.551648][   T55] x11: ff0080001196a940 x10: 0000000000000000 x9 : ffff80001196a940
[  354.552804][   T55] x8 : ffff0000c66a5340 x7 : ffff80000a8272f8 x6 : 0000000000000000
[  354.554113][   T55] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff800011af6564
[  354.555334][   T55] x2 : 0000000000000000 x1 : fffffffffffffffb x0 : 0000000000000000
[  354.556518][   T55] Call trace:
[  354.556996][   T55]  io_ring_exit_work+0x2e4/0x65c
[  354.557795][   T55]  process_one_work+0x7f8/0x13a4
[  354.558566][   T55]  worker_thread+0x8c4/0xfec
[  354.559296][   T55]  kthread+0x250/0x2d8
[  354.559934][   T55]  ret_from_fork+0x10/0x20
[  354.560550][   T55] irq event stamp: 1178656
[  354.561221][   T55] hardirqs last  enabled at (1178655): [<ffff800011a1e1dc>] exit_to_kernel_mode+0xcc/0xfc
[  354.562732][   T55] hardirqs last disabled at (1178656): [<ffff800011a1c234>] el1_dbg+0x24/0x80
[  354.564088][   T55] softirqs last  enabled at (1167624): [<ffff8000081ac37c>] handle_softirqs+0xaec/0xc60
[  354.565606][   T55] softirqs last disabled at (1167599): [<ffff800008020164>] __do_softirq+0x14/0x20
[  354.567007][   T55] ---[ end trace 0000000000000000 ]---
[  354.727555][T10702] netlink: 'syz.0.1778': attribute type 1 has an invalid length.
[  354.751584][T10702] 8021q: adding VLAN 0 to HW filter on device bond7
[  354.760908][T10702] bond7: (slave vlan6): making interface the new active one
[  354.768916][T10702] bond7: (slave vlan6): Enslaving as an active interface with an up link
[  354.770492][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bond7: link becomes ready
[  354.782821][ T6904] bond4: (slave macvlan2): failed to get link speed/duplex
[  354.892168][ T6904] bond4: (slave macvlan2): failed to get link speed/duplex
[  355.002252][ T5225] bond4: (slave macvlan2): failed to get link speed/duplex
[  355.112247][ T5225] bond4: (slave macvlan2): failed to get link speed/duplex
[  355.232259][   T39] bond4: (slave macvlan2): failed to get link speed/duplex
[  355.352299][   T39] bond4: (slave macvlan2): failed to get link speed/duplex
[  355.462288][   T39] bond4: (slave macvlan2): failed to get link speed/duplex
[  355.582204][ T6904] bond4: (slave macvlan2): failed to get link speed/duplex
[  355.703399][T10280] bond4: (slave macvlan2): failed to get link speed/duplex
[  359.312539][   T39] net_ratelimit: 31 callbacks suppressed
[  359.312552][   T39] bond4: (slave macvlan2): failed to get link speed/duplex
[  359.422255][   T39] bond4: (slave macvlan2): failed to get link speed/duplex
[  359.532827][T10204] bond4: (slave macvlan2): failed to get link speed/duplex
[  359.642305][T10280] bond4: (slave macvlan2): failed to get link speed/duplex
[  359.762222][ T5893] bond4: (slave macvlan2): failed to get link speed/duplex
[  359.872560][ T5893] bond4: (slave macvlan2): failed to get link speed/duplex
[  359.982351][T10204] bond4: (slave macvlan2): failed to get link speed/duplex
[  360.092497][T10280] bond4: (slave macvlan2): failed to get link speed/duplex
[  360.202198][ T6904] bond4: (slave macvlan2): failed to get link speed/duplex
[  360.312245][ T8763] bond4: (slave macvlan2): failed to get link speed/duplex
[  364.342238][ T8763] net_ratelimit: 35 callbacks suppressed
[  364.342252][ T8763] bond4: (slave macvlan2): failed to get link speed/duplex
[  364.462427][ T8763] bond4: (slave macvlan2): failed to get link speed/duplex