last executing test programs:

18m10.453560837s ago: executing program 32 (id=307):
userfaultfd(0x1)
r0 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x3000)=nil, 0x930, 0x6000002, 0x4018831, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
pselect6(0x40, &(0x7f0000000100)={0x6, 0x0, 0x0, 0xfffffffffffffffe, 0x800, 0x0, 0x100000}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6a9}, 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r0, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6c9ecbc1a303434a36bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffdc0fb243c3111dda42112650cc00", 0x0, 0x48)

16m36.263638493s ago: executing program 33 (id=600):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000004c0)={'syzkaller0\x00', @link_local})
write$tun(r0, &(0x7f0000000140)=ANY=[], 0xc2)

14m18.887505589s ago: executing program 34 (id=1017):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = landlock_create_ruleset(&(0x7f0000000000)={0x19a1, 0x2, 0x3}, 0x18, 0x0)
landlock_restrict_self(r2, 0x1)
bind$unix(r1, &(0x7f0000000240)=@file={0x1}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000640)=@file={0x1}, 0x6e)

14m4.526661659s ago: executing program 35 (id=1050):
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
unshare(0x400)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r1 = inotify_init1(0x800)
inotify_add_watch(r1, &(0x7f0000000180)='./bus\x00', 0x84000079)
preadv2(r0, 0x0, 0x0, 0xa07, 0x9, 0x3)

13m59.698593805s ago: executing program 36 (id=1058):
creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x200, &(0x7f0000000140))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x6, 0x22, 0x3, 0x50000}]})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x0, 0x37, 0x0, 0x9}, 0x28)
io_setup(0x2, &(0x7f0000000000)=<r0=>0x0)
syz_clone3(&(0x7f0000000080)={0x21800000, 0x0, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_submit(r0, 0x0, 0x0)

8m53.093333931s ago: executing program 8 (id=2039):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000440)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a000008048002000905811765"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_disconnect(r0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, 0x0, 0x0)
syz_usb_disconnect(r1)

8m48.609938236s ago: executing program 8 (id=2056):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000040)={0x0, 0xea60}, 0x10)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000000)=0x400000001, 0x4)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e23, 0xa4e4, @remote, 0x3}, 0x1c)
sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x40010)

8m47.708991708s ago: executing program 8 (id=2060):
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdc00, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x64, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0x10}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x64}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x38, 0x0, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x40048c0}, 0x200088a0)

8m46.91035755s ago: executing program 8 (id=2064):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x219d88b, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x10a78c0, 0x0)
umount2(&(0x7f0000000080)='./file0/file0\x00', 0x1)

8m46.149044212s ago: executing program 8 (id=2067):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x1, 0xf0, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
writev(r1, &(0x7f0000000240)=[{&(0x7f0000000200)="fbe04481999f6961ce", 0x9}], 0x1)
bind$can_j1939(r1, &(0x7f00000006c0)={0x1d, r2, 0x3, {0x2ad9e849e82996fb, 0xfd, 0x3}}, 0x18)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x74, r2, {0xfff3, 0x10}, {0xfff1, 0x9}, {0x2, 0x8}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x48044}, 0x40000)

8m45.529471944s ago: executing program 8 (id=2072):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0xa5)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

8m44.153292587s ago: executing program 37 (id=2072):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0xa5)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

7m42.740611161s ago: executing program 2 (id=2256):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc3c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000100003800c00008008000340000000022c0000000e0a010200000000000000000a00"], 0xcc}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000000c0)=ANY=[@ANYBLOB="fc0000001900010027bd700000000000e0000002000000000000000000000000ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000080400002000000000000080000000000000000000100000000000044000500ac1414aa0000000000000000"], 0xfc}}, 0x0)
r0 = syz_io_uring_setup(0x2502, &(0x7f0000000300)={0x0, 0xf36b, 0x10100, 0x200, 0x155}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x10, 0x0, @fd_index=0x8, 0x40, 0x0, 0x6, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x2936, 0x0, 0x0, 0x0)

7m40.763113414s ago: executing program 2 (id=2261):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = epoll_create1(0x0)
r2 = dup3(r0, r1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000000)={0x20000002})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)={0x20000001})
epoll_pwait(r4, &(0x7f00000000c0)=[{}, {}], 0x2, 0x9, 0x0, 0x0)

7m39.693606939s ago: executing program 2 (id=2264):
open(0x0, 0x60840, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001811", @ANYRES64, @ANYBLOB="0000000000000000b708f2010000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000098"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="f800000016008502000000000000000020010000000000000000000000000002a600000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032"], 0xf8}}, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[], 0x134}}, 0x0)

7m38.596341748s ago: executing program 2 (id=2267):
pipe(&(0x7f0000000600)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000000)="fc", 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = epoll_create(0x81)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000040)={0x8})
close(r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r0, 0x0, r2, 0x0, 0x1100000000f336, 0x0)

7m37.024724223s ago: executing program 2 (id=2272):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mknodat(r0, &(0x7f0000000040)='./file1/file4/file5\x00', 0x100, 0xfffffffc)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000002c0)=0x20)
renameat2(0xffffffffffffff9c, &(0x7f0000000600)='./file1/file4/file5\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x2)

7m36.165937893s ago: executing program 2 (id=2276):
mount$bpf(0x0, 0x0, 0x0, 0x85c428, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000001080)={0x0, 0x60, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="6c000000020601000600000600000000000000000e0003006269746d61703a697000000005000400000000000900020073797a3000000000240007800c00028008000140000003000c000180080001400000000a080006401c02000005000500020000000500010006"], 0x6c}}, 0x40000)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x200400cc}, 0x0)

7m20.516345365s ago: executing program 38 (id=2276):
mount$bpf(0x0, 0x0, 0x0, 0x85c428, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000001080)={0x0, 0x60, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="6c000000020601000600000600000000000000000e0003006269746d61703a697000000005000400000000000900020073797a3000000000240007800c00028008000140000003000c000180080001400000000a080006401c02000005000500020000000500010006"], 0x6c}}, 0x40000)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x200400cc}, 0x0)

6m27.825706423s ago: executing program 5 (id=2444):
unshare(0x6a040000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x10, 0x0, 0x0, 0x4, 0x0, 0x1, 0x20000000}, [@RTA_NH_ID={0x8, 0x1e, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0xfffffffffffffda3, &(0x7f0000000180)={&(0x7f0000000200)=@delnexthop={0x20, 0x69, 0xb, 0x0, 0x0, {}, [{0x8, 0x1, 0x1}]}, 0x20}}, 0x4000000)

6m23.207337767s ago: executing program 5 (id=2456):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @multicast1}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x800000000f, &(0x7f0000000080)=0x7, 0x4)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x7f, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xffffffff}, 0x20)
listen(r1, 0x2)

6m21.870188748s ago: executing program 5 (id=2460):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x1714, &(0x7f00000020c0)={0x0, 0xbda7, 0x10100, 0xfffffffd, 0x9c}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r1, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x22}})
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000340)={0x8, {"eb9d8988e81b395b45bd0cba3a8483077474dd3dd0c47bc253e5f8e8b4292aac2796001366e4c71f9f35008b53e42578e610c78571ad7fd714bbf1d6fd513c82063c7b62f80247dae47c5c719fcb141465938af815fb5f2695978afaf02bc89e649ba154d25cd9128fa00c4655085aaa52d42552f2b09df1d9bb0e372396aa8bcb1358797975d0f0609075102a2744764709002ff83c2341d3365f98a022a3adb2984c475f59af4129dbfd9a93d73ebd4e3cb4f1e4ab97495820ac3a2091f1a472e09074da690ef8a1271c19fa97898e3be7b5000d91bbc78a0e2415b557a6ac425159469271188e5adbb631ee32f1c01b8aab308dad8548079f00eb770e058ec6480cb78a47d832ff6f7d23348118d2a8a317c1d0cb05299e4541dd566ca584cbe7508ab24fa6fdd1e5fd301a57f7b01f55543d5289911b1040011acfa9247e9f2b08635fc066b8725bc114c59fdbdd3a35903b19613e3f29ce4457a59c64567f1fea4a17185e7edde0ccc64cf9d0086ef292c318c8a56b28406cdcfd091245a8e0fa721e11aa064b642d9afbcf3dd23c79c466e634e84e0ccf866e8bcc03a6e6ac823fe6056a7aa6aa8622969e263eff3fb74ea46e0bd6a1ce08244e39f59df03e6cdd7fdc2811c4c1719099a56f1c5e07ab0e7d6a07192dcc0d03f6bcbc2323f4606b52950e3ebf54b379a97bb4c0c27db1e0824068a353aa025258f16eec23148997eb0f14ade49c1216cfd2ce324f289ddcf0ff8247984c4567692e9b64c2fbbc1272a3e532122e65f97cec13564ece0b7029c2c34ca9c7a9557d487336d849513afaaaa6c1a0388e72dba891750cebb09747cdadd4228b66ce5972f9c67bc4bd795753bc83fd36897edb29a4d9ca5c5cbb0e92dab163d6c980ef76a5f79f6f05f9a7e0e745a129cbbfc12281f9566f656b1f9de9bec23d3a2bec3852430fb7dcbc692e0fcccb69402639a0e1693a70a5983a462b001131a4774e5e3d8bd9a19389ab7e819a77ae145d2ca8e4477215905e8e1dce02ccd3f8942744313a30b68025844e5a68a9a2dd382a3a32042c232459a776d6e1741eec549b4d2867580fc511393281917f5145952997aebd29d8056d4282586ccd91d633a7c1764012e09d7746fef7246eb56640fef2bdd74b78fbcaa32e6b6f4136431a51229956a8a8149de241511e2760f997886e098fc1847adee880f3ae61a1240581e13758be18a33bde20ffad43a0ae9a4f7144a16993858e445c7c5bc83e13dfeb81ae6fc11be70e0ab490ab976106e3d8e627c44df3ac588239fbf885a2439b69e5a121245fd3c42c86555b198452ffcac7168d789ff3f61da76d389b0fc1e6c39df6608824babcb098c509e0def7f1701e67ab7d6c64ab5150eaaadbe38a11673fee8d286d88ae6f39241966fa6df46464166db4f41d67596d9d67382f1069042ee118b0af630a5e12f07d8cfa4183f2c28b27a6105d69804508235f877693cf1f359ffb95b585496b941c2e3f2170d916ded547beee1ae24e1724f17cb85cfcba15e1cbabe44e60b16c2ac4f4afed9506e25bd35a8897de4ae4a4c929b25289f75b2da34a1b65edfc2dd74b74b8f3d74f1387805cf5933a616798fa890718c9ebd6079c26a5f732298f8e8a2e378fccffd7fc3ecc8b10d1cd013a7340b7842c4b1dff0e9f2ea70329fb9c3013151f43fa5bad0dd5f61a92da5a78e68052ab72c38d915136184a49da2a6b6e248e9d106777c1bde4dfc94f8a4a29dfa95fe7681516061a83650c8b39968bd3a7a34b34e93844fc8ed8a84b59f7e657a025592db7a7252491b18695693a68d178564909e5971b8956479e518a1202af31718fe22f4e65c93a9a08e802e07fd274e5a23cb466a7b48cf344a2176d61ef27d348b40a510e8cc8e372693cb6c1c7cfb4e3972fbe4204f0048bc53793e049b0484b3bbe6d3b6a986bc2c95fdb63f60ebfdbea38b48405a8b85ee84568fb6921a75fb54e9026671ed43b923286d64d60c9060a86c2217f98f049259d99d0c5ce4889b165557fa4536a6d5222eb289a6dd83ff235dbde83897d1627f6d85c3e551997007b5219c5b010d53b92879e19951ba21db665f724d7c45da7c635f3a982047a1ebed638dca4f3e97ee036e18ae68d37cd8fda64fac7dce84587311b2e17420c31d50a5da4d052052ea1b4116aa9a0ef20434420c51887cf2d03a1d578925f19e700451f404413f7371693f2e0a622e1ae49daccd12de5ec59d2acbb635d854ce22a418f143c3a637dc731d45c5d1c38adcb770602a92f3de006a4eef1d838b91178476ff168fa639eb5b420da8a343a0ec6e6144cc802eb08d1833beb6ca18ffa1fd7b019bb2d02c97d62963a8a9180769323d8e45639b68aaa56775306bdc6c020678ecd64e751fb92c85dc474bbde8f94c029d92dea48b837c7b5524dc061374e637e299fef6b1355ce23d0f649f0e61402d375bb444a37a22a812821ade48df3be021ecacff6873654bf21e111d079f5bb140568b5c4b77f1aaa22416ab983eb8fe903286fdf114024622f443686078c8318329aebe5df891a9a91bd5512b3aed59557de62d1a9586e10fa07306f815fc10204200d6282813f729c3f8e8af7c450f55037397125ef5e806306a9ba351a6f3e1dede486bc75ae897581b649ef55f19c97b330c5a61a6f76674722429ea894d1c638074cedb0b863514c19166a5c2baf4ee6d1eaeee85155afd10fdd4361c78b3c0d00d01a37df52be0ed3458bc7a1afa0c8c9a2f3406b1e4607e955f57f626c7ed2efac888e72110e0dc0f79cfdd02bc245f0b3a7939bbdc31229ab99ecd36927e1fdd7b17b5037457856fe3f773b6af24af6d67cbd7978e2f127b86b50153e9b0f13f4942006198d6a6ac335cf7560676fd607e6a3a7b518fa815def5eca1372813f97d6ea9d62b848db37015aa648c8426f26776728332fad5f72c919a6f96d1c3b0a97df4c1892ff814e2e57979da7f7098c42b963ca5929765b1ad2284abd2c1f7ef9570b8c97a513da8f4078130e70f31327708619331571d78d3475b6b41e835dc948f0e809c6610942e4c7d515d9303e6281a3980a742dc85f4528fddc34d22bbd9aa4b4b2351df10884f1dbc877717d984b0b3bafda47801103cda459d006a9a9982f5cf67fc0face3def54d579358e623dae4d9b4248cebd82111cf4c431f8852bcf862a65a124ca709cec2454e4c65514128bc2d6f8cc92624f20c02b008081d334cc7fa0b8e8d9d3dfe2a283600e875c7ecb8e4949f958f6f84f8e52b78e3eae58fa02d85bb8ac52ddf3b262ec52eca50d6d590139c24c042e1c040d8da6c9a2e95055dc91ed65881bc4c43c13c240eb9f6ef9a4cffb44e96c9c055cbbc10b5d63850bc3e2fa46aabb2c732c0c31bf1dba3ad1ce2b1b671259aaaef955d39c420b18d78828248563cacd9417ef2cb63859ebef3936e26803e7ccf5233cb3c0a2f440d898ff258cb03a783415a6f81b1b1a07bb5cef530c78c30ec9adfd2df246d581bc662336d5029f65588995adc3190e97a418c15fa3620eb68cdcc6233f1aa0009ab558b22ae9316003c6af1fe0d7807e583943e48692fcd9fa2525fefe3467d099951c83943312f0e889cef4c1ecf17ad469f5ad683b405eb59230e89df96e8dd94e41e5f62822ba957e065f22d96b1c0c2b83f5a57fbb04d5af399ece3ddd52e5afff783a876e2066fbe30963421acb427c95fd3e7bc6b7d3d731a7e347052cd9636805cab94ad40bdb63a264b3127c7f8d21d25810bd2eadb2c3e31b5c807283ad062d750e5b21ec1e20cc3ac5753ac536faf23e2b5c37e9d021870b0350ecea7187643a00a08ec3ffaf7e6c236c4d694ff41af7b5fbf8a554949f5026a8b2adcf377f94848cd17fbcc0249e796008962d3db16b4bb85483dbe75ef5b301175e052203436b38248fbd1a28a5e2b3ab75c77eb8f853e60e95d5f16cb9858b33b3752b4c69776ec4506ba2bd490a6f17aae1152d8762d86cc0ef32788cf149e8fa9464c3ea588f15d8eb2092254c470acf221cfe680845167fc6778b8af1609681ae4f4e65426ce059b9768eb2e0c89f29de7b91db89a72e4c677c65dd980f9a6bfa656ed01d5e683a33e6b80462139476225cc0fcc309d926c36aa250bdad1454db46cd2536046f909a05b08829cad973bc705231a32a5f2e7ac5e96e2315cb175724607a5af02073fc936272aa724990ba6dcc4ea79da6eb7ec0bbdbd0a878114c493bc4b3e26e24b18553bd0a617981d8ea9e91ed2e3bcbd48f5d67aa913790bf52c31435184d6c73079e964e9ef05194e88b072b372d48cb70dbca99238c4474ed0b6932cc1b233bce0c87d48d478fa3c937c42c8637714e9995041f8b2b7dce17eb2f26c730f5559cf5919b88ee00bbf40726f90e1cf29e0f5fadc64de1bf28d447e8996948dc2fe658620b6fb8cfc592d5e0621b66057eb774c31ab16235456210c5ee7990b71b5b3d51cf13e30361a8cdaa107b13fa6a1c84b172efece3b70753e81e7e9e572d228c7bbcdaba40d8d0eb4de13bda1fca38d3ed667bb0897335aadaa0c3905a1283292c89ef5747ad5462db4011c3f8a4a476aa78d74badf8bf3785997ba9824e21256eed4c2805331fa24c81e28f21e895a0b03e7de52787065faded0f1b59eba1c922dce5576e8ab190ef716c021d8dfa13a1e73b8962d9f9238ba8b9fa2cf84addfe37e78cdb398ee4c0642a716fb8db1e332f873a16c6225ebc51fe05f33273380e64272159bb808336e87b4b0cddb492a992b2e7f423bf37725e1d9dda0dc6b4426172c2a93ee1cc9acea7fe1ece9ba0ddee3e232efb11fc4d4e266cd2a83c017e32315c434b73e9729d5a3a7fe993e72f9bb70d78672493263a2653fe1bfd42d1f97cbf0fffb6705b2e35fe65ceb9ad7ddc525b689027352db9c194939559ebb3b505a58e0404103482ce10f7d67761c13b235b52ad1b25803aa94cf7df5ca8d8bd0d4e6d0ab8bcfb8f72a26cecf071e31c02a1034c0144d850f1732926981dca7a18f0a197da3703d74d3e951ed510ed38a8fcae93eb2bebdf92e0feb0f06dbe1331cb43cfa548ca294ea479ecb325aea7aff8d924745298a3d34f23f40b992995a908130165b44beb8cc9da8390dae2a09cb7e1ac7e95b84f35e7be147b4be04883047cdcaec662aa8b66694ae8914e65edb63696494bff66eacb3aecdb23746a36cec7f832d628d38698ba6b3d4020095eae2a5b36a21039ce50901cdf2582b88ab8c86c6f4a8c345618f10d7aab081edb3ce8e4479e0ac476112d4b261cb8ed952221fb660898491fc7134b091c0565173bebf014caffae12852b5314c930d41e27bcfa7bc536fc4da3b714630e1ac7aaf006755da1da792dcad08f796c2ebdd6427ad3374e25132a103d62f98584462aa164d742b4d7c668a85119480199dd90f0a903f6c76cfca28b84a2279ae6965fdec403072be146d2d1f39b122113fbcfb52cf8c7c1d47a32f437b895bcd7a67ad08f196112a15b07e5b57b4db2b7c7f70a42923d6d0625515375b9281d331bd1e5dd75ff3a6e1ca5b75eb328e6c935f2c8f0c57b0aaf2ad85983160b0e53fca44d95e956ef2726d97acb2da34ca4482bb86aabde6d8b8b85da2e44ae89b8359f7edb88a3e2a9aad23125b8c2bd0c7be0847ac9b1e16db2c395e0c9eb040af710c31d32f7b356bfb6f1704f4d884f37c15b865eda87685ae8926fbf3a4465e7e2968ee18ea1ff5d4f4cbfb55634089687b9f0bce5b9cf10779299893cf64980193fd3a1096507e7a8be", 0x1000}}, 0x1006)
io_uring_enter(r2, 0x27e2, 0x0, 0x7, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

6m20.935618585s ago: executing program 5 (id=2464):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
unshare(0x22020000)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x10a78c0, 0x0)

6m19.919643184s ago: executing program 5 (id=2468):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x6)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@newtfilter={0x6c, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x5}, {0xfffb}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x38, 0x2, [@TCA_BPF_ACT={0x34, 0x1, [@m_ctinfo={0x30, 0x18, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xc4, 0x6}}]}, 0x6c}}, 0x0)

6m19.283649208s ago: executing program 5 (id=2470):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x9}}, {{0xa, 0x0, 0xae6c, @loopback}}}, 0x108)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x2}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r2 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
close(r1)

6m16.509764695s ago: executing program 39 (id=2470):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x9}}, {{0xa, 0x0, 0xae6c, @loopback}}}, 0x108)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x2}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
r2 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
close(r1)

6m6.305785874s ago: executing program 1 (id=2504):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x94)
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
setsockopt$inet6_udp_int(r0, 0x11, 0xb, &(0x7f0000000100)=0x7, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023b0"], 0x0)

6m5.272891038s ago: executing program 1 (id=2507):
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bond0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001400)=ANY=[@ANYBLOB="3c00000010003b15000800"/20, @ANYRES32=0x0, @ANYBLOB="340e000000b401001400128009000100626f6e64000000000400028008000a00", @ANYRES32=r3], 0x3c}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000002c0)="2e00000011008b88040f80ee59acbc04130800480f0000005e2900421803001825800000000000000280000c0012", 0x2e}], 0x1}, 0x0)

6m2.262443329s ago: executing program 1 (id=2516):
unshare(0x40600)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x6, 0x4, &(0x7f0000002180)=ANY=[@ANYBLOB="180200000000000000000000cfffffff850000001700000095"], &(0x7f0000000a40)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'dummy0\x00', <r2=>0x0})
r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r1, r2, 0x25, 0x0, @val=@kprobe_multi=@addrs={0x0, 0x0, 0x0, 0x0, 0x6}}, 0x30)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x5, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000000000000000000000000001800000008000000000000006e14000095"], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000140)={r3, r4}, 0x5)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x4)

6m1.036824789s ago: executing program 1 (id=2519):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000003c0)='./bus\x00', 0xe, &(0x7f0000000900)={[{@init_itable_val={'init_itable', 0x3d, 0x94eb}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@stripe}, {@noblock_validity}]}, 0x3, 0x45f, &(0x7f0000000480)="$eJzs3MtvG8UfAPDvruP019cvoZRHH0CgICIeSdMW6IEDIJA4FAkJDnCMkrQqdRvUBIlWFW0RKieEkLgjjvwLnOCCECckrnBFqFKFemnLyWjt3cZ2bJOHXUP9+UjbzuyOO/P17NizO94GMLQmsj+SiB0R8WtEjNWzzQUm6n/dvH5h7tb1C3NJVKtv/ZnUyt24fmGuKFq8bnuemUwj0k+S2Nem3qVz50/NVioLZ/P89PLp96eXzp1/9uTp2RMLJxbOHDp69MjhmReeP/RcT+LM2nRj70eL+/e8/u4Xbxz7rCn+ljh6ZKLbwSeq1R5XN1g7G9LJyAAbwrqUIiLrrnJt/I9FKVY6byxe+3igjQP6qlqtVrc3ZC82H75UBe5iyWj+MZAz5GFYFF/02fVvsbXOEV7q8xxkkK69XL8AyuK+mW/1IyOR5mXKLde3vTQREe9c+uurbIv+3IcAAGjyXTb/eabd/C+N+xvK/T9fGxqPiHsiYldE3BsRuyPivoha2Qci4sE11bqywtS6SLJ6/pNe3XBwa5DN/17M17aa53/F7C/GS3luZy3+cnL8ZGXhYP6eTEZ5S5af6VLH96/+8nmnY43zv2zL6i/mgnk7ro5saX7N/Ozy7GZibnTtcsTekXbxJ7dXArLe2hMRezdYx8mnvtnf6dg/x99FD9aZql9HPFnv/0vREn8h6b4+Of2/qCwcnC7OitV++vnKm53q31T8PZD1/7a25//t+MeTxvXapfXXceW3Tzte02z0/B9N3q6lR/N9H84uL5+diRhNjtUb3bj/0Mpri3xRPot/8kD78b8rVt6JfRGRncQPRcTDEfFI3vZHI+KxiDjQJf4fX3n8vY3H319Z/PPr6v+VxGi07mmfKJ364dumSsdXxX+re/8fqaUm8z1r+fxbS7s2djYDAADAf08aETsiSadup9N0aqr+e/ndEWllcWn56eOLH5yZrz8jMB7ltLjTNdZwP3Qmv6yv5y9HRP2nBcXxw/l94y9LW2v5qbnFyvygg4cht73D+M/8URp064C+87wWDC/jH4aX8Q/Dy/iH4dVm/G8dRDuAO6/d9//FAbQDuPNaxr9lPxgev7v+h+HVcfzfzf/zD1Dj+x+G0tLW6P6Q/La8YMcyxb+0hofthyoR5X9FMzafqCZtOzfSQTdMop+JwX0mAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9NLfAQAA//9i/dxS")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000000e40)={0x2020}, 0x2020)

5m59.211369699s ago: executing program 1 (id=2524):
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x24}, 0x94)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000240)="5c00000012006b04000000d86e6c1d000a887ea6ea65670000000000000090f9c3dc90f8f41f8ecff32c6e020075e300250045586c8da718ad4b4460bc24eab55600000000000000bf9367b4fa51f60a64c9f4d4938037e786a6d0bd", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

5m58.118164395s ago: executing program 1 (id=2527):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40102, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000340)={0x0, 0x1, 0x0, &(0x7f0000001600)=""/118, 0x0, 0x3332f000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000000))
r2 = dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000040)={0x0, r2})

5m54.704997244s ago: executing program 40 (id=2527):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40102, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000340)={0x0, 0x1, 0x0, &(0x7f0000001600)=""/118, 0x0, 0x3332f000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000000))
r2 = dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000040)={0x0, r2})

3m17.909586494s ago: executing program 9 (id=3015):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = accept4(r0, 0x0, 0x0, 0x800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x12)

3m16.322383969s ago: executing program 9 (id=3019):
io_setup(0x6, &(0x7f0000000040)=<r0=>0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(0x3)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000600000/0x4000)=nil, 0x4000, 0xa, 0x401d031, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x104, &(0x7f0000000080)=0x80000001, 0x0, 0x4)
io_submit(r0, 0x1, &(0x7f0000002900)=[&(0x7f00000000c0)={0x300000000000000, 0x0, 0x0, 0x5, 0x1002, r1, 0x0}])

3m14.802647721s ago: executing program 9 (id=3027):
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0xe0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syslog(0xa, 0x0, 0x0)
syslog(0x0, 0x0, 0x0)
syslog(0x4, 0x0, 0x0)
syslog(0x0, 0x0, 0x0)
syslog(0x9, 0x0, 0x0)
syslog(0x9, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

3m13.481939983s ago: executing program 9 (id=3034):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x4000, &(0x7f0000001040)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c00208893fdd4787adad4209069", @ANYRES8, @ANYRES16], 0x6, 0x2ae, &(0x7f0000001180)="$eJzs3T1vI0UYB/BnE3ttoLALKoTESlBQnS7X0jhCQYpwBXIBFHDi7iQUW0h3kiVehLnqWhpKvgISHV+ChoIeiRaJjhSRFu16N3YS28lGOOHl96sms/OfeXYzSZTCsx+9PDl6kMWjp1/+Gt1uEjuDGMRxEv3YidrXccbgmwAA/s2O8zz+yOea5JKI6G6vLABgixr//f9h6yUBAFv27nvvv70/HB68k2XdSOPZdFT8Zz95Nh3Nr+8/ik9iHA/jbvTiJCI/NW+/lef5rJUV+vHaZDYdFcnJhz9V8+//HlHm96IX/bLrbP5weLA3KPPZUn5W1PF8tf6gyN+LXry4Yv3D4cG97GI+Rmm8/upS/XeiFz9/HJ/GOB6URSzyX+1l2Zv5t39+8UFRXpFPZtNRpxy3kO/e8LcGAAAAAAAAAAAAAAAAAAAAAID/sDvV2TmdKM/vKbqq83d2T4ov2pHV+mfP55nnk3qic+cDzfL4rj5f526WZXk1cJFvxUutaN3OXQMAAAAAAAAAAAAAAAAAAMA/y5PPPj+6Px4/fPy3NOrTAOqP9V93nsFSzyuxYkw/Tns6iyV3qmU3zBy79ZgkYmMZxYyNim9fvvqaxnPrUq3vmz667uVj2teosGGj3l1H95PVz7ATdU+33iQ/Lo9J44prpesu5Y22X7ryUq/xvacvlI3ZhjGRbCrsjd/mT67qSc7fRVo+1ZXxdtWY/yys2huN9vPF3xWJ0zoAAAAAAAAAAAAAAAAAAGCrFh/6XXHx6ZrQL4fzl/xHf8vVAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDNWLz/v0FjVoWvMDiNx09u+RYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4H/grAAD//4xnYK0=")
mkdir(&(0x7f0000001940)='./file0\x00', 0x40)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x31056, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x2020)

3m12.259132299s ago: executing program 9 (id=3038):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendto$inet6(r1, &(0x7f00000001c0)="a6e2976b5c4383036d32dadd2e144d8645ca8d1b230e105614396838da83c754887e7bea2f35d4ea667817d90d532af065f2e398dd9081ea16f8b371a202a6f9e505bbc964a0d3880bf0104a0a0a2f0d311efee1637e85a0125b38f961918f99bf9c2c146e42327f178dc2b3d4936e7f7f0a79f74ba464d83ab41742d1186776dc1779b5c50ac82d0fa8f9e42074b5b6079207fb21e718080907964669be539791e3e98687ee059853", 0xfffffffffffffcc1, 0x840, 0x0, 0x56)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r1, 0xffffc000)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000500)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffff77, 0x0, 0x0}, &(0x7f0000000000)=0x40)

3m11.668184284s ago: executing program 9 (id=3041):
rseq(&(0x7f0000000100)={0x0, 0x0, 0x0, 0xd}, 0xfe7c, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x10})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000ffe000/0x1000)=nil, 0x1000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x1})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}})
syz_io_uring_setup(0xefe, &(0x7f0000000140)={0x0, 0xcc19, 0x10806}, &(0x7f0000000000), &(0x7f00000000c0))

3m9.104182931s ago: executing program 41 (id=3041):
rseq(&(0x7f0000000100)={0x0, 0x0, 0x0, 0xd}, 0xfe7c, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x10})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f0000ffe000/0x1000)=nil, 0x1000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x1})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}})
syz_io_uring_setup(0xefe, &(0x7f0000000140)={0x0, 0xcc19, 0x10806}, &(0x7f0000000000), &(0x7f00000000c0))

32.709812176s ago: executing program 6 (id=3581):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000380))
ioperm(0x0, 0x2, 0x7e)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r2, 0x10000008)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
recvfrom$inet_nvme(r1, 0x0, 0x22, 0x10100, 0x0, 0x0)

31.094679763s ago: executing program 6 (id=3587):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r0 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r1, 0x2000009)
r2 = open(&(0x7f0000000280)='.\x00', 0x40080, 0x1d2)
fcntl$notify(r2, 0x402, 0x8000003d)
sendfile(r0, r1, 0x0, 0x20000000000006)
r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000580)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0001}]})
tee(r3, r4, 0x1, 0x0)

30.104640592s ago: executing program 6 (id=3589):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = io_uring_setup(0x7621, &(0x7f0000000500)={0x0, 0x6c74, 0x80, 0x3, 0x28b})
io_uring_register$IORING_REGISTER_FILES(r0, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020641700000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$vcsu(&(0x7f0000000080), 0x3, 0x40)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c460407000b070000000000000002000300060000000903000038000000560300000e00000085072000010005000000fdff000000000300000063070000f30000007f0000200400"], 0x58)
close(r1)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x101a40, 0x0)
fchown(r2, 0x0, 0xffffffffffffffff)

29.061530134s ago: executing program 6 (id=3595):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101)
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

28.323424008s ago: executing program 6 (id=3598):
r0 = epoll_create1(0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r0)
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESDEC=r1])
r3 = syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad6, 0x800, 0x1, 0x3}, &(0x7f00000000c0)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x133d, 0x3e000000, 0x8, 0x0, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x10, 0x0, 0x7fff7ffc}]})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000001c0)={0x20000001})
close_range(r6, 0xffffffffffffffff, 0x0)

27.659799338s ago: executing program 6 (id=3602):
r0 = landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x1, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x4)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0)
landlock_restrict_self(r1, 0x1)
landlock_restrict_self(r1, 0x1)
r2 = landlock_create_ruleset(&(0x7f0000000000)={0x1080, 0x1}, 0x18, 0x0)
landlock_restrict_self(r2, 0x0)
r3 = getpgid(0x0)
r4 = syz_pidfd_open(r3, 0x0)
pidfd_send_signal(r4, 0x0, 0x0, 0x4)

25.298115418s ago: executing program 42 (id=3602):
r0 = landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x1, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x4)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0)
landlock_restrict_self(r1, 0x1)
landlock_restrict_self(r1, 0x1)
r2 = landlock_create_ruleset(&(0x7f0000000000)={0x1080, 0x1}, 0x18, 0x0)
landlock_restrict_self(r2, 0x0)
r3 = getpgid(0x0)
r4 = syz_pidfd_open(r3, 0x0)
pidfd_send_signal(r4, 0x0, 0x0, 0x4)

9.0454487s ago: executing program 4 (id=3648):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x691, &(0x7f0000000400)={0x0, 0x7866, 0x3380, 0x1, 0x40024e}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_setup(0x10a, &(0x7f0000000680)={0x0, 0x80334c, 0x10, 0x3, 0x3d3}, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000300))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x20, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x40, 0x185100, 0x12345})
io_uring_enter(r1, 0x627, 0xc1040000, 0x43, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)

8.737149092s ago: executing program 3 (id=3650):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x2}, @mss={0x2, 0x1}, @window={0x3, 0x8, 0x6}, @timestamp, @sack_perm, @window={0x3, 0x1, 0x5}], 0x8)
sendto$inet(r0, &(0x7f00000007c0)='%', 0x1, 0xe044, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000380)='x', 0x1, 0x480c1, 0x0, 0x0)
r1 = socket$inet6(0x10, 0x2, 0x4)
sendto$inet6(r1, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x810, 0x0, 0x0)

8.094480685s ago: executing program 0 (id=3651):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
r2 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_BULK(r2, 0xc0185502, &(0x7f00000001c0)={{{0xc, 0x1}}, 0x0, 0xff, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1d, 0x7, 0x18, 0x1, 0x2020, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x1000}, 0x50)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000000), 0xd)
syz_usb_connect(0x3, 0x36, &(0x7f0000000000)=ANY=[@ANYRESDEC=r0], &(0x7f00000006c0)={0x0, 0x0, 0xffe6, 0x0})
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000100))

8.069209924s ago: executing program 7 (id=3652):
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
r2 = open(&(0x7f0000000140)='.\x00', 0x800, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r3=>r2}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, r3, {0x7}}, './file1\x00'})

7.887005923s ago: executing program 4 (id=3653):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r1}, &(0x7f0000000800), &(0x7f0000000840)=r2}, 0x20)
symlink(0x0, 0x0)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r0, 0x0, 0x14, 0x0, &(0x7f0000000300)="f60000a100f26b7b3c9f88bbe3dafb256201df80", 0x0, 0x10000086, 0x0, 0x31, 0x0, &(0x7f0000000000)="daf9e846ab156efc71b59652333536dbfd26a6d0546366e36eb77dd0aaa2dbe567d168904cf0d5bce1771889c98ffc0abf", 0x0}, 0x50)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x40702)
ioctl$USBDEVFS_CONNECTINFO(r3, 0x80045505, &(0x7f0000002a40))

7.449851733s ago: executing program 3 (id=3654):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000340))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x25, &(0x7f0000000000)={0x1})
fcntl$lock(r1, 0x7, &(0x7f0000001140)={0x1, 0x2, 0x6, 0x5, r0})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000380)={0x0, 0x1, 0x0, 0x1})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
fcntl$lock(r3, 0x26, &(0x7f0000000140)={0x0, 0x0, 0x76, 0x6031})

7.449498801s ago: executing program 7 (id=3655):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x100000000000000, &(0x7f0000000580)="b3"})

6.976580492s ago: executing program 4 (id=3656):
r0 = socket$netlink(0x10, 0x3, 0xb)
unshare(0x22020600)
mkdir(&(0x7f0000000180)='./file1\x00', 0x60)
mount(0x0, &(0x7f0000000280)='./file1\x00', &(0x7f0000000240)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
writev(r1, &(0x7f0000000040)=[{&(0x7f0000000340)="a5", 0x1}], 0x1)
quotactl_fd$Q_SETQUOTA(r1, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x800000000009, 0x9, 0x4, 0x0, 0x1, 0xffffffffffffffff, 0x3, 0xfffffffb})
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/mnt\x00')
setns(r2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

6.602746703s ago: executing program 0 (id=3657):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
symlink(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = socket(0x400000000010, 0x3, 0x0)
getsockopt(r0, 0x1, 0x9, &(0x7f0000000600)=""/236, &(0x7f0000000700)=0xec)
readlink(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000540)=""/4073, 0x100e)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = syz_open_dev$evdev(&(0x7f0000000e40), 0x0, 0x2000)
ioctl$EVIOCGPHYS(r2, 0x80404507, &(0x7f0000000f40)=""/4096)
ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x4e22}, {0x2, 0x4e29, @empty}, {0x2, 0x4e22, @multicast2}, 0x4, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000080)='veth0_to_bond\x00', 0x200, 0x10002, 0x7})
ioctl$sock_SIOCSIFBR(r1, 0x8941, &(0x7f0000000000)=@get={0x1, &(0x7f0000000280)=""/166, 0x2})
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x8810, &(0x7f0000000240)=ANY=[@ANYBLOB='\t'], 0x1, 0x191, &(0x7f0000000440)="$eJw0kL9rE2EYxz/Pe29+1FJLDChUMIeK1wvG5K4q4nTi4pADB5eCQkMa2+Kl2iaDVxJTd/8AFykZBMFNceug4ODoIGTJVWexQ6fSQSoX3w7v+3m/L9/n+zw8q52NTg74e9BrEoAAFqf5haCBYvoBHBq+N/xpOPgPLhodG74xnOvEW08aUdTatG/b2HdfiQ28tpm/RQGGnFXsCwEyOug1t8UVluuU+1iVdeb0LBbHTo9FYUOcOsxWu+1n1U68VVlrN1ZaK61131+4Wbteq93wq4/XolbtE+LGor5N93FDciFTbp+MeySnKu/U73Mv9C7lhOwjlvas+UtXx7Rnju+AW0L47OyTG+vVknrAFfIP0xHvURRriBVi15lSaCZtAuS++iCe/qEPM4o8lnWt+TRaHiwqOcruBPInL96IjOPhlz0WCjBNcYkhpXEaG50siDN8YZBgJwQJOwmjPYqym3peGo/eTu+3Rp3nAmR53uh2N70sfBUnxE9PAWYmcSrkcj1N+GhqDPhuHv8CAAD//09bW5k=")

6.524605916s ago: executing program 7 (id=3658):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r4 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r5=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r4, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r5}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffbfff9}}}]}}]}, 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x200448c0)

5.855006604s ago: executing program 4 (id=3659):
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0xfffffffffffffffd}, 0x0)
setitimer(0x2, &(0x7f0000000040)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_connect$printer(0x6, 0x2d, &(0x7f0000000180)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x8, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x9f, 0x40, 0x5, [{{0x9, 0x4, 0x0, 0x3, 0x1, 0x7, 0x1, 0x2, 0x80, "", {{{0x9, 0x5, 0x1, 0x2, 0x10, 0x4, 0x1, 0x2}}}}}]}}]}}, &(0x7f0000000dc0)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x201, 0xf, 0x4, 0x0, 0x40, 0x32}, 0xc, &(0x7f0000000d00)={0x5, 0xf, 0xc, 0x1, [@ext_cap={0x7, 0x10, 0x2, 0x0, 0x8, 0xb}]}, 0x1, [{0x0, 0x0}]})
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_freezer_state(r1, 0x0, 0x2, 0x0)
write$cgroup_freezer_state(r2, &(0x7f00000000c0)='FROZEN\x00', 0x7)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newsa={0x170, 0x10, 0x633, 0x0, 0x0, {{@in6=@local, @in=@broadcast, 0x0, 0x4000, 0x0, 0x8004}, {@in=@dev={0xac, 0x14, 0x14, 0x3f}, 0x0, 0x32}, @in6=@dev={0xfe, 0x80, '\x00', 0x3f}, {0x327, 0x9, 0x0, 0x4, 0xfff, 0x0, 0x1}, {}, {0x8f, 0x0, 0x8}, 0x70bd29, 0x0, 0xa, 0x1}, [@encap={0x1c, 0x20, {0x0, 0x4e22, 0x0, @in=@remote}}, @algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @encap={0x1c, 0x4, {0x2, 0x5e21, 0x0, @in=@dev={0xac, 0x14, 0x14, 0x3f}}}]}, 0x170}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

5.540385705s ago: executing program 3 (id=3660):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000e40)={'wlan0\x00', <r2=>0x0})
syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="210f00000000000000002000000008000300", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x20000015}, 0x44000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001440)={0x1c, r5, 0x1, 0x80, 0x0, {{0x8}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x2000c000)
syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r0)

4.936340515s ago: executing program 0 (id=3661):
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, 0x0, &(0x7f0000000140)='GPL\x00'}, 0x94)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010000000000000000001200000008000800000000000800090000000100180001801400020076657468305f746f5f626f6e640000000800090000000000080006"], 0x4c}, 0x1, 0x0, 0x0, 0x10000000}, 0x0)

4.166488378s ago: executing program 3 (id=3662):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21}, &(0x7f0000000300)=<r0=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x3736, 0x0, 0x0, 0x41100, 0x11, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r1, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffe})
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2141, 0x59)

3.389998208s ago: executing program 0 (id=3663):
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
socket$rds(0x15, 0x5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003f80000850000008600000018010000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

2.852381321s ago: executing program 7 (id=3664):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x1430c2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x8042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1)

2.224975672s ago: executing program 0 (id=3665):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r2 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
readv(r1, &(0x7f00000000c0)=[{&(0x7f0000000480)=""/136, 0x88}], 0x1)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000880)='\xf5\xfc\xd2\xec]\x95zx8*\xa2d\x11\xb5\xb1\x01\x00\x00\x00\xe49{\x8a{\x81s\xea$\xdfg\xb1\x03DY!\x97\xadM\xd7\xff\x8a\xcd[>\x12e\xc3]d8\xba\x8ec\x00\x00\x00\x00\x00\x00\x00\xa0\xe2\xd5y\xec\x90\x00\x98Y\x91\x19\x16\x89\xd0\x1a\xad\xcd\xd6\xd0\xc6\xb9\xeb\x95\xd3\x9cl\x9cu#\xb4\xee\xe5\x9d\t\fV\xd4\xda\xfc`2?\x15P\xba\x14b\x1c\xcc\xd5\xb9jA$s\xb9g3\x15M\xd9\xb9 \xca[\xc7\xec\xa9;\xee\x01\xc9\xc4\x1f\xc3\xe4\xfa\xd3fU\x0e\x86\xc8\xa7\xaf\xaf\x04p\xa3\x8bb\xbf\\\xdb\x83\x00\x96sy\x14\x1eo\xcc9&\x946\xf9\xf5v\xee\xb5m$;\x01\xb8\xeau\x00\xd1S=\x920H\xc2z\xb5\xbe\x95\xef\xeb\xd1\xc8\xa1\xba\xach\xbef\xa8\x86\xc2\x18\x9cC\x15\x9c^\xcf\xe9\xbcp\xb4Ff\x00\x9d>p\"\x19\xd8}|~\xae\xdb\a59f\xb8?\xba\xf2\x8e\xa5y\\\xf0\fkd??-\x983\xf3\x19\xc7\xc0/\xe9\x1a\x80=\xa72)\xd2\x00'/277, &(0x7f00000002c0)='/\x00\x01\x00H\x98', 0x0)
tkill(r2, 0xb)

1.726190296s ago: executing program 4 (id=3666):
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000200), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000c3c0)={0x2020}, 0x2020)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x65, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x30}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x800}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0xd4d, 0xa, 0x0, 0x0, 0x7fffffff, 0x8}, 0x0, 0x0)

1.622672858s ago: executing program 3 (id=3667):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3}]}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14}}, 0x68}}, 0x800)
sendmsg$NFT_BATCH(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x48, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'geneve0\x00'}]}]}]}], {0x14}}, 0x70}}, 0x24040884)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000020000000900010073797a30000000000900020073797a31000000002c0003800800014000000000180003801400010076657468315f746f5f626f6e6400000008000240000000006c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000004000038008000140000000002c0003801400010067656e657665300000000000000000001400010076657468315f746f5f626f6e64000000080002"], 0x10c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000900)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa}]}, 0x40}, 0x1, 0x0, 0x0, 0x45844}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x118)

1.427242869s ago: executing program 7 (id=3668):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3380, 0x1, 0x40024e}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_setup(0x10a, &(0x7f0000000680)={0x0, 0x80334c, 0x10, 0x3, 0x3d3}, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000300))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x20, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x40, 0x185100, 0x12345})
io_uring_enter(r1, 0x627, 0xc1040000, 0x43, 0x0, 0x0)
close(r0)

435.1967ms ago: executing program 0 (id=3669):
r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
r2 = gettid()
timer_create(0x2, &(0x7f000049efa0)={0x0, 0x8, 0x4, @tid=r2}, &(0x7f0000044000)=<r3=>0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0xffffffffffffffff, &(0x7f0000000080)={{0x77359400}, {0x0, 0x9}}, 0x0)
timer_settime(r3, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, &(0x7f00000001c0))
fchdir(r1)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002d80), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002d00), &(0x7f0000002d40)='./file0\x00', 0x0, &(0x7f0000000100)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)

419.331877ms ago: executing program 4 (id=3670):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8)
signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x1]}, 0x8)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000280)=0x8)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = dup2(r0, r3)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @empty, 0x4}], 0x1c)
sendto$inet6(r3, &(0x7f0000000040)='l', 0x1, 0x7ddfdbdfafa51cdd, &(0x7f0000000100)={0xa, 0x4e23, 0x2, @loopback, 0xffffffff}, 0x1c)
sendto$inet6(r4, &(0x7f00000001c0)='g', 0x1, 0x10, &(0x7f0000000200)={0xa, 0x4e20, 0x2, @local, 0x5}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, &(0x7f0000000140)={r2, 0x4}, 0x8)

97.243513ms ago: executing program 3 (id=3671):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(r0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000d40)='<', 0xffdc, 0x24040005, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe55}}, {{0x0, 0x0, &(0x7f0000000700)=[{0x0, 0x30}, {&(0x7f0000000080)=""/43, 0x2b}, {&(0x7f00000003c0)=""/123, 0x7b}, {&(0x7f0000000540)=""/217, 0xd9}, {&(0x7f0000000640)=""/173, 0xbb}], 0x5}, 0x2}], 0x2, 0x22, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0), 0x10044, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})

0s ago: executing program 7 (id=3672):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x40020000)

kernel console output (not intermixed with test programs):

539 code=0x7ffc0000
[ 1004.973427][   T30] audit: type=1326 audit(1770234002.930:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13519 comm="syz.1.2358" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f64539 code=0x7ffc0000
[ 1004.998709][   T30] audit: type=1326 audit(1770234002.930:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13519 comm="syz.1.2358" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64539 code=0x7ffc0000
[ 1005.197116][ T3081] kye 0003:0458:0138.000B: hidraw0: USB HID v0.00 Device [HID 0458:0138] on usb-dummy_hcd.1-1/input0
[ 1005.315296][ T3081] usb 2-1: USB disconnect, device number 5
[ 1005.545661][   T30] audit: type=1326 audit(1770234002.950:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13519 comm="syz.1.2358" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64539 code=0x7ffc0000
[ 1006.258654][T13541] fido_id[13541]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[ 1007.041912][T13349] veth0_vlan: entered promiscuous mode
[ 1007.108886][T13349] veth1_vlan: entered promiscuous mode
[ 1007.677471][T13349] veth0_macvtap: entered promiscuous mode
[ 1007.830976][T13349] veth1_macvtap: entered promiscuous mode
[ 1008.177824][T13349] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1008.355597][T10506] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[ 1008.372553][T13349] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1008.583270][T10506] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1008.587575][ T3465] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1008.597852][T10506] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1008.614771][T10506] usb 10-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1008.629010][T10506] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1008.792893][ T3465] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1008.833987][T10506] usb 10-1: config 0 descriptor??
[ 1008.877997][ T3465] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1008.967445][ T9261] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1009.428017][T10506] hid_parser_main: 1260 callbacks suppressed
[ 1009.428127][T10506] cp2112 0003:10C4:EA90.000C: unknown main item tag 0x0
[ 1009.558638][T10506] cp2112 0003:10C4:EA90.000C: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.9-1/input0
[ 1009.710719][T10506] cp2112 0003:10C4:EA90.000C: Part Number: 0x1A Device Version: 0xC4
[ 1010.680681][ T5832] usb 10-1: USB disconnect, device number 12
[ 1010.742558][T13573] fido_id[13573]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/10-1/report_descriptor': No such file or directory
[ 1011.580133][T13586] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2372'.
[ 1012.287343][T10506] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[ 1012.466016][T10506] usb 2-1: Using ep0 maxpacket: 32
[ 1012.501442][T10506] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1012.513245][T10506] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1012.529354][T10506] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1012.538837][T10506] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1012.730626][T10506] usb 2-1: config 0 descriptor??
[ 1012.799352][T10506] hub 2-1:0.0: USB hub found
[ 1013.086920][T10506] hub 2-1:0.0: 1 port detected
[ 1013.730297][T10506] hub 2-1:0.0: activate --> -90
[ 1014.173646][ T5832] usb 2-1: USB disconnect, device number 6
[ 1014.175345][T10506] usb 2-1-port1: config error
[ 1015.341890][T13624] loop9: detected capacity change from 0 to 256
[ 1015.363186][T13626] overlayfs: failed to resolve './file0': -2
[ 1015.622980][T13624] exFAT-fs (loop9): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1015.683259][T13624] exFAT-fs (loop9): failed to load alloc-bitmap
[ 1015.693968][T13624] exFAT-fs (loop9): failed to recognize exfat type
[ 1016.601636][T13641] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2384'.
[ 1016.843617][T13644] sd 0:0:1:0: PR command failed: 1026
[ 1016.851369][T13644] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1016.859271][T13644] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1017.496480][T13653] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2387'.
[ 1017.600201][T13653] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2387'.
[ 1018.312003][ T9261] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1018.321156][ T9261] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1018.788955][ T1310] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1018.797291][ T1310] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1020.410259][T13683] loop9: detected capacity change from 0 to 2048
[ 1020.766225][T13683] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1020.876439][T13690] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2396'.
[ 1021.036831][T13683] EXT4-fs (loop9): shut down requested (0)
[ 1021.279693][T13701] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2398'.
[ 1021.342169][T13702] syzkaller0: entered allmulticast mode
[ 1021.401586][T13700] syzkaller0: entered promiscuous mode
[ 1021.459421][T13700] syzkaller0 (unregistering): left promiscuous mode
[ 1021.466880][T13700] syzkaller0 (unregistering): left allmulticast mode
[ 1021.507281][ T9312] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1022.907174][T13711] loop9: detected capacity change from 0 to 4096
[ 1023.012339][T13711] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1023.135710][T13711] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1024.037865][ T9312] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1026.284458][ T3081] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[ 1026.495518][ T3081] usb 10-1: Using ep0 maxpacket: 8
[ 1026.535899][ T3081] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1026.595355][ T3081] usb 10-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[ 1026.604882][ T3081] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1026.691405][ T3081] usb 10-1: config 0 descriptor??
[ 1026.769735][ T3081] gspca_main: vc032x-2.14.0 probing 046d:0892
[ 1027.841220][T13769] loop1: detected capacity change from 0 to 128
[ 1028.106160][T13769] Invalid ELF header len 1
[ 1028.508623][ T3081] gspca_vc032x: reg_w err -71
[ 1028.514543][ T3081] vc032x 10-1:0.0: probe with driver vc032x failed with error -71
[ 1028.588808][ T3081] usb 10-1: USB disconnect, device number 13
[ 1029.799662][   T30] audit: type=1326 audit(1770234027.900:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13786 comm="syz.9.2423" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f05539 code=0x0
[ 1030.207997][T13792] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2424'.
[ 1033.043287][T13830] overlayfs: failed to clone upperpath
[ 1036.214694][ T3081] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[ 1036.403583][ T3081] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1036.415855][ T3081] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1036.426417][ T3081] usb 10-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[ 1036.440778][ T3081] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1036.465547][T13868] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2447'.
[ 1036.642088][ T3081] usb 10-1: config 0 descriptor??
[ 1036.713047][T13862] hsr0 speed is unknown, defaulting to 1000
[ 1037.267085][ T3081] cp2112 0003:10C4:EA90.000D: unknown main item tag 0x0
[ 1037.348488][ T3081] cp2112 0003:10C4:EA90.000D: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.9-1/input0
[ 1037.519226][ T3081] cp2112 0003:10C4:EA90.000D: Part Number: 0x82 Device Version: 0xFE
[ 1038.080995][T13886] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2451'.
[ 1038.155827][T13861] cp2112 0003:10C4:EA90.000D: Error starting transaction: -38
[ 1038.255177][ T3081] cp2112 0003:10C4:EA90.000D: error reading lock byte: -71
[ 1038.401023][ T3081] usb 10-1: USB disconnect, device number 14
[ 1038.844661][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1038.851441][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1040.022034][T13904] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1040.115168][T13904] overlayfs: failed to set xattr on upper
[ 1040.121818][T13904] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1040.130238][T13904] overlayfs: ...falling back to index=off.
[ 1040.137723][T13904] overlayfs: ...falling back to uuid=null.
[ 1040.143793][T13904] overlayfs: ...falling back to xino=off.
[ 1040.209980][T13904] overlayfs: conflicting lowerdir path
[ 1042.467848][T13930] netlink: 'syz.1.2462': attribute type 10 has an invalid length.
[ 1042.685947][T13930] bond0: (slave netdevsim3): Enslaving as an active interface with an up link
[ 1043.114023][T13937] overlayfs: upper fs does not support tmpfile.
[ 1047.815368][T12505] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1047.835072][T12505] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1047.863632][T12505] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1047.901909][T12505] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1047.919837][T12505] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1048.216333][T13985] hsr0 speed is unknown, defaulting to 1000
[ 1050.016991][T12505] Bluetooth: hci3: command tx timeout
[ 1050.087962][T13985] chnl_net:caif_netlink_parms(): no params data found
[ 1051.502424][T14024] overlayfs: failed to clone upperpath
[ 1052.094961][T12505] Bluetooth: hci3: command tx timeout
[ 1052.367378][T13985] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1052.375191][T13985] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1052.435158][T13985] bridge_slave_0: entered allmulticast mode
[ 1052.485032][T13985] bridge_slave_0: entered promiscuous mode
[ 1052.594528][T13985] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1052.602267][T13985] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1052.662605][T13985] bridge_slave_1: entered allmulticast mode
[ 1052.710430][T13985] bridge_slave_1: entered promiscuous mode
[ 1053.202107][T13985] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1053.229588][T13985] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1053.652812][T13985] team0: Port device team_slave_0 added
[ 1053.754679][T13985] team0: Port device team_slave_1 added
[ 1053.828851][   T30] audit: type=1326 audit(1770234051.930:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14046 comm="syz.1.2494" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64539 code=0x7ffc0000
[ 1053.993031][   T30] audit: type=1326 audit(1770234051.930:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14046 comm="syz.1.2494" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f64539 code=0x7ffc0000
[ 1054.018923][   T30] audit: type=1326 audit(1770234051.930:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14046 comm="syz.1.2494" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64539 code=0x7ffc0000
[ 1054.044357][   T30] audit: type=1326 audit(1770234051.960:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14046 comm="syz.1.2494" exe="/root/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf7f64539 code=0x7ffc0000
[ 1054.067308][   T30] audit: type=1326 audit(1770234051.970:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14046 comm="syz.1.2494" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64539 code=0x7ffc0000
[ 1054.095748][   T30] audit: type=1326 audit(1770234052.030:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14046 comm="syz.1.2494" exe="/root/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7f64539 code=0x7ffc0000
[ 1054.118782][   T30] audit: type=1326 audit(1770234052.030:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14046 comm="syz.1.2494" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64539 code=0x7ffc0000
[ 1054.142035][   T30] audit: type=1326 audit(1770234052.030:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14046 comm="syz.1.2494" exe="/root/syz-executor" sig=0 arch=40000003 syscall=163 compat=1 ip=0xf7f64539 code=0x7ffc0000
[ 1054.164876][   T30] audit: type=1326 audit(1770234052.040:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14046 comm="syz.1.2494" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64539 code=0x7ffc0000
[ 1054.195067][   T30] audit: type=1326 audit(1770234052.060:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14046 comm="syz.1.2494" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64539 code=0x7ffc0000
[ 1054.208743][T12505] Bluetooth: hci3: command tx timeout
[ 1054.473772][T13985] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1054.484600][T13985] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1054.515003][T13985] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1054.746292][T13985] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1054.753675][T13985] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1054.781578][T13985] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1054.880406][T14054] overlayfs: failed to clone upperpath
[ 1055.125338][ T3081] libceph: connect (1)[c::]:6789 error -101
[ 1055.132352][ T3081] libceph: mon0 (1)[c::]:6789 connect error
[ 1055.141195][T14056] ceph: No mds server is up or the cluster is laggy
[ 1055.175743][ T3081] libceph: connect (1)[c::]:6789 error -101
[ 1055.182267][ T3081] libceph: mon0 (1)[c::]:6789 connect error
[ 1055.745345][T13985] hsr_slave_0: entered promiscuous mode
[ 1055.808278][T13985] hsr_slave_1: entered promiscuous mode
[ 1055.877562][T13985] debugfs: 'hsr0' already exists in 'hsr'
[ 1055.883534][T13985] Cannot create hsr debugfs directory
[ 1056.254505][T12505] Bluetooth: hci3: command tx timeout
[ 1058.742632][T14098] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2507'.
[ 1058.986862][T14094] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1059.034437][T14094] bond0: (slave bond1): Enslaving as an active interface with an up link
[ 1059.318633][T14098] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1059.446618][T14098] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1059.555027][T14098] bond0 (unregistering): (slave netdevsim3): Releasing backup interface
[ 1059.686763][T14098] bond0 (unregistering): (slave bond1): Releasing backup interface
[ 1059.791517][T14098] bond0 (unregistering): Released all slaves
[ 1060.270761][T13985] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1060.501926][T13985] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1060.686471][T13985] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1060.830009][T13985] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1061.374923][ T5789] Bluetooth: hci2: command 0x0406 tx timeout
[ 1062.739931][T14134] loop1: detected capacity change from 0 to 512
[ 1062.842474][T13985] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1062.872886][T14134] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1063.128664][T14134] EXT4-fs (loop1): 1 truncate cleaned up
[ 1063.165757][T13985] 8021q: adding VLAN 0 to HW filter on device team0
[ 1063.182738][T14134] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1063.443523][ T9268] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1063.451182][ T9268] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1063.584529][ T9268] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1063.592254][ T9268] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1064.861293][ T8446] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1064.957339][T12882] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1065.169058][ T8446] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1065.469430][ T8446] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1065.771168][ T8446] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1066.635338][ T8446] bridge_slave_1: left allmulticast mode
[ 1066.641576][ T8446] bridge_slave_1: left promiscuous mode
[ 1066.650806][ T8446] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1066.810731][ T8446] bridge_slave_0: left allmulticast mode
[ 1066.817224][ T8446] bridge_slave_0: left promiscuous mode
[ 1066.824287][ T8446] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1067.832452][ T8446] bond1 (unregistering): Released all slaves
[ 1068.339703][T13985] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1068.792102][ T8446] hsr_slave_0: left promiscuous mode
[ 1068.824580][ T8446] hsr_slave_1: left promiscuous mode
[ 1068.833113][ T8446] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1068.847249][ T8446] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1068.961510][ T8446] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1068.969896][ T8446] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1069.161755][ T8446] veth1_macvtap: left promiscuous mode
[ 1069.192951][ T8446] veth0_macvtap: left promiscuous mode
[ 1069.226865][ T8446] veth1_vlan: left promiscuous mode
[ 1069.265368][ T8446] veth0_vlan: left promiscuous mode
[ 1070.057586][ T5789] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1070.077034][ T5789] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1070.107642][ T5789] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1070.160209][ T5789] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1070.194574][ T5789] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1070.244641][ T3081] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[ 1070.449256][ T3081] usb 10-1: Using ep0 maxpacket: 32
[ 1070.489592][ T3081] usb 10-1: config 3 has an invalid interface number: 202 but max is 0
[ 1070.498532][ T3081] usb 10-1: config 3 has no interface number 0
[ 1070.548569][ T3081] usb 10-1: New USB device found, idVendor=0b95, idProduct=178a, bcdDevice=b0.61
[ 1070.558630][ T3081] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1070.569358][ T3081] usb 10-1: Product: syz
[ 1070.573845][ T3081] usb 10-1: Manufacturer: syz
[ 1070.582540][ T3081] usb 10-1: SerialNumber: syz
[ 1070.636159][ T3081] ax88179_178a 10-1:3.202: probe with driver ax88179_178a failed with error -22
[ 1071.001992][ T3081] usb 10-1: USB disconnect, device number 15
[ 1071.631444][ T8446] team0 (unregistering): Port device team_slave_1 removed
[ 1071.740092][ T8446] team0 (unregistering): Port device team_slave_0 removed
[ 1072.276934][ T5789] Bluetooth: hci2: command tx timeout
[ 1073.210456][T14194] hsr0 speed is unknown, defaulting to 1000
[ 1074.334499][ T5789] Bluetooth: hci2: command tx timeout
[ 1074.949759][T14239] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2542'.
[ 1075.581376][T14194] chnl_net:caif_netlink_parms(): no params data found
[ 1075.812579][T13985] veth0_vlan: entered promiscuous mode
[ 1076.212991][T13985] veth1_vlan: entered promiscuous mode
[ 1076.434416][ T5789] Bluetooth: hci2: command tx timeout
[ 1076.847995][T13985] veth0_macvtap: entered promiscuous mode
[ 1076.992480][T13985] veth1_macvtap: entered promiscuous mode
[ 1077.342832][T13985] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1077.638159][T13985] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1077.996158][T14194] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1078.005257][T14194] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1078.048895][T14194] bridge_slave_0: entered allmulticast mode
[ 1078.074635][T14194] bridge_slave_0: entered promiscuous mode
[ 1078.123432][T14194] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1078.131580][T14194] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1078.199995][T14194] bridge_slave_1: entered allmulticast mode
[ 1078.243210][T14194] bridge_slave_1: entered promiscuous mode
[ 1078.324868][ T9261] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1078.334049][ T9261] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1078.515457][ T5789] Bluetooth: hci2: command tx timeout
[ 1078.549231][ T9261] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1078.848536][T14194] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1078.862111][ T1310] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1079.007197][T14194] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1079.538934][T14194] team0: Port device team_slave_0 added
[ 1079.656752][T14194] team0: Port device team_slave_1 added
[ 1080.133684][T14194] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1080.141540][T14194] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1080.168432][T14194] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1080.298002][T14194] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1080.310642][T14194] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1080.339709][T14194] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1081.070862][T14194] hsr_slave_0: entered promiscuous mode
[ 1081.138803][T14194] hsr_slave_1: entered promiscuous mode
[ 1081.182043][T14194] debugfs: 'hsr0' already exists in 'hsr'
[ 1081.188382][T14194] Cannot create hsr debugfs directory
[ 1083.957183][T14342] overlayfs: failed to resolve './cgroup': -2
[ 1084.639411][T14194] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1084.728360][T14194] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1084.858512][T14194] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1085.056682][T14194] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1085.815787][T14364] ªªªªªª: renamed from vlan0 (while UP)
[ 1085.874909][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 1085.875003][   T30] audit: type=1800 audit(1770234083.960:188): pid=14361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2566" name="file1" dev="tmpfs" ino=1818 res=0 errno=0
[ 1086.826520][T14194] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1087.182436][T14194] 8021q: adding VLAN 0 to HW filter on device team0
[ 1087.382981][ T5879] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1087.390881][ T5879] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1087.673065][ T5879] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1087.680775][ T5879] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1087.947542][ T8459] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1087.956528][ T8459] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1088.556784][ T8459] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1088.565288][ T8459] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1088.967925][T14387] overlayfs: failed to clone upperpath
[ 1090.131852][T14394] loop9: detected capacity change from 0 to 4096
[ 1090.435570][T14394] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1090.705678][T14394] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2574'.
[ 1090.867012][T14413] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2574'.
[ 1090.931791][T14194] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1090.951542][T14394] netlink: 32 bytes leftover after parsing attributes in process `syz.9.2574'.
[ 1091.648048][ T9312] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1091.868363][T14194] veth0_vlan: entered promiscuous mode
[ 1092.129015][T14194] veth1_vlan: entered promiscuous mode
[ 1092.733394][T14194] veth0_macvtap: entered promiscuous mode
[ 1092.890671][T14194] veth1_macvtap: entered promiscuous mode
[ 1093.116631][T10506] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[ 1093.378545][T10506] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1093.389727][T10506] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1093.422766][T14194] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1093.532993][T10506] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1093.542566][T10506] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1093.551166][T10506] usb 10-1: SerialNumber: syz
[ 1093.623356][T14194] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1093.973025][ T8446] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1093.987809][T10506] usb 10-1: 0:2 : does not exist
[ 1094.035312][ T8446] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1094.137977][ T8446] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1094.179934][ T8446] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1094.270743][T10506] usb 10-1: USB disconnect, device number 16
[ 1094.595494][T13255] udevd[13255]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1096.610506][T14458] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2589'.
[ 1099.685175][T14495] netlink: 'syz.0.2599': attribute type 1 has an invalid length.
[ 1100.166000][T14495] 8021q: adding VLAN 0 to HW filter on device bond4
[ 1100.232049][T14504] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2600'.
[ 1100.287552][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1100.294610][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1100.507639][T14500] bond4: (slave geneve2): making interface the new active one
[ 1100.561377][T14500] bond4: (slave geneve2): Enslaving as an active interface with an up link
[ 1100.630037][ T9261] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1100.692111][ T9261] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1100.729596][ T9261] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1100.770529][ T9261] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1103.482280][ T9268] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1103.491297][ T9268] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1103.545122][T10505] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[ 1103.860805][ T3465] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1103.869304][ T3465] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1103.891937][T10505] usb 10-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1103.921306][T10505] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1103.933229][T10505] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1103.943937][T10505] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1104.156201][T10505] usb 10-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1104.172413][T10505] usb 10-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1104.183947][T10505] usb 10-1: Manufacturer: syz
[ 1104.300935][T10505] usb 10-1: config 0 descriptor??
[ 1104.811123][T10505] appleir 0003:05AC:8243.000E: unknown main item tag 0x0
[ 1104.929571][T10505] appleir 0003:05AC:8243.000E: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.9-1/input0
[ 1105.525404][ T5835] usb 10-1: USB disconnect, device number 17
[ 1106.218414][T14573] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2615'.
[ 1106.350996][T14567] fido_id[14567]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory
[ 1107.967720][   T30] audit: type=1326 audit(1770234106.070:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14592 comm="syz.3.2622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1108.051692][T14599] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2621'.
[ 1108.119404][   T30] audit: type=1326 audit(1770234106.070:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14592 comm="syz.3.2622" exe="/root/syz-executor" sig=0 arch=40000003 syscall=29 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1113.701336][T14670] loop6: detected capacity change from 0 to 2640
[ 1113.747118][T14670] buffer_io_error: 138 callbacks suppressed
[ 1113.747201][T14670] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1113.849675][T14670] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1113.910605][T14670] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1113.979032][T14670] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1114.071790][T14670] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1114.154987][T14670] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1114.194505][T14670] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1114.467756][T14670] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1114.476361][T14670] ldm_validate_partition_table(): Disk read failed.
[ 1114.524763][T14670] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1114.637567][T14670] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1114.723482][T14670] Dev loop6: unable to read RDB block 0
[ 1114.792563][T14670]  loop6: unable to read partition table
[ 1114.836276][T14670] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1117.675369][T14724] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2661'.
[ 1117.732859][T14722] netlink: 156 bytes leftover after parsing attributes in process `syz.0.2660'.
[ 1117.863275][T14722] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2660'.
[ 1117.915928][T14729] bridge0: port 3(syz_tun) entered blocking state
[ 1117.923043][T14729] bridge0: port 3(syz_tun) entered disabled state
[ 1117.990231][T14729] syz_tun: entered allmulticast mode
[ 1118.079345][T14729] syz_tun: entered promiscuous mode
[ 1118.085198][T14730] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2663'.
[ 1118.183913][T14729] bridge0: port 3(syz_tun) entered blocking state
[ 1118.191131][T14729] bridge0: port 3(syz_tun) entered forwarding state
[ 1118.422923][T14730] bridge0: port 3(syz_tun) entered disabled state
[ 1118.493924][T14730] syz_tun (unregistering): left allmulticast mode
[ 1118.510298][T14730] syz_tun (unregistering): left promiscuous mode
[ 1118.517612][T14730] bridge0: port 3(syz_tun) entered disabled state
[ 1120.865933][T14760] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1123.016978][T14784] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2681'.
[ 1123.026459][T14784] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2681'.
[ 1125.367900][ T5789] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[ 1125.378062][ T5789] CPU: 0 UID: 0 PID: 5789 Comm: kworker/u9:5 Tainted: G        W    L      syzkaller #0 PREEMPT(voluntary) 
[ 1125.378395][ T5789] Tainted: [W]=WARN, [L]=SOFTLOCKUP
[ 1125.378471][ T5789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1125.378583][ T5789] Workqueue: hci2 hci_rx_work
[ 1125.378742][ T5789] Call Trace:
[ 1125.378796][ T5789]  <TASK>
[ 1125.378849][ T5789]  __dump_stack+0x26/0x30
[ 1125.379019][ T5789]  dump_stack_lvl+0x14c/0x1c0
[ 1125.379197][ T5789]  dump_stack+0x1e/0x25
[ 1125.379364][ T5789]  sysfs_create_dir_ns+0x46c/0x540
[ 1125.379552][ T5789]  kobject_add_internal+0x1084/0x19b0
[ 1125.379733][ T5789]  kobject_add+0x2c1/0x410
[ 1125.379960][ T5789]  ? kmsan_get_metadata+0xf1/0x160
[ 1125.380167][ T5789]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1125.380393][ T5789]  device_add+0xa70/0x1c00
[ 1125.380595][ T5789]  hci_conn_add_sysfs+0x159/0x2e0
[ 1125.380811][ T5789]  le_conn_complete_evt+0x1d0a/0x2250
[ 1125.381030][ T5789]  hci_le_enh_conn_complete_evt+0x158/0x260
[ 1125.381237][ T5789]  hci_le_meta_evt+0x6eb/0x960
[ 1125.381407][ T5789]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[ 1125.381616][ T5789]  hci_event_packet+0xce2/0x1e40
[ 1125.381759][ T5789]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1125.381970][ T5789]  hci_rx_work+0x8c3/0xfc0
[ 1125.382123][ T5789]  ? kmsan_get_metadata+0xf1/0x160
[ 1125.382330][ T5789]  ? __pfx_hci_rx_work+0x10/0x10
[ 1125.382480][ T5789]  process_scheduled_works+0xae7/0x1d60
[ 1125.382741][ T5789]  worker_thread+0x1741/0x1de0
[ 1125.382988][ T5789]  kthread+0xd5a/0xf00
[ 1125.383133][ T5789]  ? __pfx_worker_thread+0x10/0x10
[ 1125.383359][ T5789]  ? __pfx_kthread+0x10/0x10
[ 1125.383504][ T5789]  ret_from_fork+0x207/0x6f0
[ 1125.383699][ T5789]  ? __switch_to+0x521/0x750
[ 1125.383867][ T5789]  ? __pfx_kthread+0x10/0x10
[ 1125.384020][ T5789]  ret_from_fork_asm+0x1a/0x30
[ 1125.384235][ T5789]  </TASK>
[ 1125.574847][ T5789] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1125.591571][ T5789] Bluetooth: hci2: failed to register connection device
[ 1127.744989][T14840] loop9: detected capacity change from 0 to 512
[ 1127.890045][T14834] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1128.020319][T14840] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1129.059540][ T9312] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1130.634965][T14868] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2706'.
[ 1130.730282][T14868] gretap0: entered promiscuous mode
[ 1130.731899][T14873] netlink: 45349 bytes leftover after parsing attributes in process `syz.0.2706'.
[ 1130.770392][T14873] 0ªX¹¦Dö»: renamed from gretap0
[ 1131.073945][T14873] 0ªX¹¦Dö»: left promiscuous mode
[ 1131.079682][T14873] 0ªX¹¦Dö»: entered allmulticast mode
[ 1131.173058][T14877] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2709'.
[ 1131.259532][T14877] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2709'.
[ 1131.533004][T14881] loop6: detected capacity change from 0 to 2640
[ 1131.576421][T14881] buffer_io_error: 11 callbacks suppressed
[ 1131.576505][T14881] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1131.687107][T14881] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1131.755186][T14881] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1131.763423][T14881] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1132.048026][T14881] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1132.280737][T14881] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1132.457808][T14881] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1132.695298][T14881] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1132.703562][T14881] ldm_validate_partition_table(): Disk read failed.
[ 1133.210719][T14881] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1133.461777][T14881] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1133.471603][T14881] Dev loop6: unable to read RDB block 0
[ 1133.479984][T14881]  loop6: unable to read partition table
[ 1133.575225][T14881] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1135.244908][ T5835] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[ 1135.544734][ T5835] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1135.556379][ T5835] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1135.567003][ T5835] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1135.580813][ T5835] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1135.591165][ T5835] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1135.796456][ T5835] usb 10-1: config 0 descriptor??
[ 1135.968991][T14976] bridge0: port 3(syz_tun) entered blocking state
[ 1135.977112][T14976] bridge0: port 3(syz_tun) entered disabled state
[ 1136.062179][T14976] syz_tun: entered allmulticast mode
[ 1136.170379][T14976] syz_tun: entered promiscuous mode
[ 1136.247120][T14976] bridge0: port 3(syz_tun) entered blocking state
[ 1136.254605][T14976] bridge0: port 3(syz_tun) entered forwarding state
[ 1136.342331][T14964] input: syz1 as /devices/virtual/input/input10
[ 1136.357476][T14980] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2715'.
[ 1136.745086][ T5835] usbhid 10-1:0.0: can't add hid device: -71
[ 1136.752212][ T5835] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1136.914481][ T5835] usb 10-1: USB disconnect, device number 18
[ 1137.683050][T14995] netlink: 'syz.6.2721': attribute type 4 has an invalid length.
[ 1137.769727][T14999] netlink: 'syz.6.2721': attribute type 4 has an invalid length.
[ 1138.904697][T15008] netlink: zone id is out of range
[ 1138.932984][T15008] netlink: zone id is out of range
[ 1138.938549][T15008] netlink: zone id is out of range
[ 1138.960099][T15010] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2724'.
[ 1139.026505][T15008] netlink: zone id is out of range
[ 1139.066979][T15008] netlink: zone id is out of range
[ 1139.077806][T15008] netlink: zone id is out of range
[ 1139.090576][T15008] netlink: zone id is out of range
[ 1139.099097][T15008] netlink: zone id is out of range
[ 1139.104573][T15008] netlink: zone id is out of range
[ 1139.110148][T15008] netlink: zone id is out of range
[ 1139.612230][T15012] netlink: 'syz.9.2724': attribute type 2 has an invalid length.
[ 1139.692881][T15015] tipc: Started in network mode
[ 1139.703557][T15015] tipc: Node identity 660d9620b481, cluster identity 4711
[ 1139.712902][T15015] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1140.153659][T15022] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2729'.
[ 1140.235634][T15022] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2729'.
[ 1140.698049][T15015] syzkaller0: entered promiscuous mode
[ 1140.703774][T15015] syzkaller0: entered allmulticast mode
[ 1140.790716][T15015] tipc: Resetting bearer <eth:syzkaller0>
[ 1140.895084][T15014] tipc: Resetting bearer <eth:syzkaller0>
[ 1141.183983][T15014] tipc: Disabling bearer <eth:syzkaller0>
[ 1141.273104][ T5835] tipc: Node number set to 3532428832
[ 1145.037627][T15069] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2741'.
[ 1146.510865][ T1310] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1146.848537][ T1310] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1147.342847][ T1310] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1147.561998][ T1310] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1147.714565][T15093] lo: entered allmulticast mode
[ 1147.985497][T15092] lo: left allmulticast mode
[ 1148.486664][ T1310] bridge_slave_1: left allmulticast mode
[ 1148.492662][ T1310] bridge_slave_1: left promiscuous mode
[ 1148.509940][ T1310] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1148.678931][ T1310] bridge_slave_0: left allmulticast mode
[ 1148.686439][ T1310] bridge_slave_0: left promiscuous mode
[ 1148.693591][ T1310] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1148.737591][T15103] faux_driver vkms: [drm] Unknown color mode 67108870; guessing buffer size.
[ 1150.678084][ T1310] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1150.823388][ T1310] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1150.851036][ T1310] bond0 (unregistering): Released all slaves
[ 1152.349351][ T1310] hsr_slave_0: left promiscuous mode
[ 1152.412058][ T1310] hsr_slave_1: left promiscuous mode
[ 1152.457210][ T1310] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1152.465515][ T1310] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1152.552986][ T1310] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1152.561240][ T1310] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1152.752533][ T1310] veth1_macvtap: left promiscuous mode
[ 1152.769879][ T1310] veth0_macvtap: left promiscuous mode
[ 1152.815402][ T1310] veth1_vlan: left promiscuous mode
[ 1152.821009][ T1310] veth0_vlan: left promiscuous mode
[ 1153.863217][T15155] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2769'.
[ 1153.872757][T15155] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2769'.
[ 1154.893412][T15159] loop9: detected capacity change from 0 to 256
[ 1155.002002][T15159] vfat: Unknown parameter 'nnonumtail'
[ 1155.153005][T15159] netlink: 25 bytes leftover after parsing attributes in process `syz.9.2768'.
[ 1155.241904][T15160] netlink: 45349 bytes leftover after parsing attributes in process `syz.9.2768'.
[ 1156.270837][ T1310] team0 (unregistering): Port device team_slave_1 removed
[ 1156.444794][ T1310] team0 (unregistering): Port device team_slave_0 removed
[ 1157.975510][T15159] gretap0: entered promiscuous mode
[ 1158.143836][T15160] 0ªX¹¦Dö»: renamed from gretap0
[ 1158.393412][T15160] 0ªX¹¦Dö»: left promiscuous mode
[ 1158.399064][T15160] 0ªX¹¦Dö»: entered allmulticast mode
[ 1160.570707][T15207] loop3: detected capacity change from 0 to 64
[ 1160.610412][T15205] netlink: 5128 bytes leftover after parsing attributes in process `syz.9.2784'.
[ 1160.720871][T15205] netlink: 5128 bytes leftover after parsing attributes in process `syz.9.2784'.
[ 1160.730765][T15205] netlink: 584 bytes leftover after parsing attributes in process `syz.9.2784'.
[ 1161.145191][ T9601] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[ 1161.363560][ T9601] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1161.374634][ T9601] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1161.448061][ T9601] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1161.457968][ T9601] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1161.466788][ T9601] usb 10-1: SerialNumber: syz
[ 1161.733178][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1161.740370][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1161.927912][ T9601] usb 10-1: 0:2 : does not exist
[ 1161.933225][ T9601] usb 10-1: unit 255 not found!
[ 1162.068247][ T9601] usb 10-1: 5:0: cannot get min/max values for control 2 (id 5)
[ 1162.286174][ T9601] usb 10-1: USB disconnect, device number 19
[ 1163.010362][T13255] udevd[13255]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1164.398491][T15247] veth0_to_team: entered promiscuous mode
[ 1164.729553][T15252] tipc: Enabling of bearer <ib:vcan0> rejected, failed to enable media
[ 1166.683343][ T3081] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[ 1166.889515][ T3081] usb 10-1: Using ep0 maxpacket: 32
[ 1166.949609][ T3081] usb 10-1: config 0 has an invalid interface number: 188 but max is 0
[ 1166.958460][ T3081] usb 10-1: config 0 has no interface number 0
[ 1167.038024][ T3081] usb 10-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 1167.114526][ T3081] usb 10-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[ 1167.124759][ T3081] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1167.133365][ T3081] usb 10-1: Product: syz
[ 1167.141395][ T3081] usb 10-1: Manufacturer: syz
[ 1167.147149][ T3081] usb 10-1: SerialNumber: syz
[ 1167.277490][ T3081] usb 10-1: config 0 descriptor??
[ 1167.327349][T15274] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1167.691099][T15274] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1167.847258][T15284] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2805'.
[ 1169.450782][T15299] geneve3: entered promiscuous mode
[ 1169.612263][ T3081] asix 10-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1169.623858][ T3081] asix 10-1:0.188 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1169.661268][ T3081] asix 10-1:0.188: probe with driver asix failed with error -71
[ 1169.714814][T15302] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1169.825737][ T3081] usb 10-1: USB disconnect, device number 20
[ 1169.833233][ T3465] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 35742 - 0
[ 1169.875834][T14930] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 35742 - 0
[ 1169.928364][T14930] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 35742 - 0
[ 1169.953579][T13255] udevd[13255]: setting mode of /dev/bus/usb/010/020 to 020664 failed: No such file or directory
[ 1170.059725][T13255] udevd[13255]: setting owner of /dev/bus/usb/010/020 to uid=0, gid=0 failed: No such file or directory
[ 1171.211375][T15302] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1171.224796][T15302] netdevsim netdevsim0 eth2 (unregistering): unset [1, 1] type 2 family 0 port 35742 - 0
[ 1171.409247][T15302] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1171.424877][T15302] netdevsim netdevsim0 eth1 (unregistering): unset [1, 1] type 2 family 0 port 35742 - 0
[ 1171.710312][T15302] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1171.721554][T15302] netdevsim netdevsim0 eth0 (unregistering): unset [1, 1] type 2 family 0 port 35742 - 0
[ 1172.222398][T15327] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2819'.
[ 1172.232262][T15327] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2819'.
[ 1172.273819][T14908] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 35742 - 0
[ 1172.284926][T14908] netdevsim netdevsim0 eth0: set [1, 1] type 2 family 0 port 6081 - 0
[ 1172.409149][T14938] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 35742 - 0
[ 1172.418044][T14938] netdevsim netdevsim0 eth1: set [1, 1] type 2 family 0 port 6081 - 0
[ 1172.551623][T14938] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 35742 - 0
[ 1172.560582][T14938] netdevsim netdevsim0 eth2: set [1, 1] type 2 family 0 port 6081 - 0
[ 1172.690165][T14908] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 35742 - 0
[ 1172.699605][T14908] netdevsim netdevsim0 eth3: set [1, 1] type 2 family 0 port 6081 - 0
[ 1174.015470][T12505] Bluetooth: hci3: command 0x0406 tx timeout
[ 1174.168248][T15346] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input11
[ 1174.232709][T15349] syz_tun: entered allmulticast mode
[ 1174.311767][T15346] veth0_to_team: entered promiscuous mode
[ 1174.852722][T15342] syz_tun: left allmulticast mode
[ 1175.690617][T15356] syz.3.2827 (15356): drop_caches: 2
[ 1176.463286][T15369] overlayfs: failed to clone upperpath
[ 1179.316772][T15390] bridge0: port 3(syz_tun) entered disabled state
[ 1179.380293][T15390] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1179.390882][T15390] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1180.281823][T15390] veth0_to_team: left promiscuous mode
[ 1180.436667][T15390] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1180.541318][T15390] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1181.920033][T15400] veth0_to_team: entered promiscuous mode
[ 1181.944906][T14930] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1181.991155][T14930] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1182.102051][T14930] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1182.153868][T14930] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1183.918843][ T3081] IPVS: starting estimator thread 0...
[ 1184.021635][T15440] IPVS: using max 192 ests per chain, 9600 per kthread
[ 1186.168098][T15466] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2861'.
[ 1186.705502][T15472] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2863'.
[ 1186.715077][T15472] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2863'.
[ 1188.696766][T15497] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2872'.
[ 1189.264981][T15504] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2875'.
[ 1189.622186][T15508] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2874'.
[ 1189.632010][T15508] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2874'.
[ 1191.767201][   T30] audit: type=1326 audit(2000000074.020:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.0.2886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1191.872246][   T30] audit: type=1326 audit(2000000074.060:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.0.2886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1191.896590][   T30] audit: type=1326 audit(2000000074.060:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.0.2886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1191.921209][   T30] audit: type=1326 audit(2000000074.080:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.0.2886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1191.944524][   T30] audit: type=1326 audit(2000000074.080:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.0.2886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1191.967512][   T30] audit: type=1326 audit(2000000074.090:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.0.2886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1192.231364][   T30] audit: type=1326 audit(2000000074.280:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15541 comm="syz.0.2886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf714572b code=0x7ffc0000
[ 1192.254740][   T30] audit: type=1326 audit(2000000074.290:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.0.2886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1192.279823][   T30] audit: type=1326 audit(2000000074.290:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.0.2886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1192.302767][   T30] audit: type=1326 audit(2000000074.350:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.0.2886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=178 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1192.799692][T15550] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2888'.
[ 1193.861087][T15569] netlink: 'syz.7.2894': attribute type 1 has an invalid length.
[ 1193.873752][T15569] netlink: 'syz.7.2894': attribute type 2 has an invalid length.
[ 1193.883886][T15569] netlink: 72 bytes leftover after parsing attributes in process `syz.7.2894'.
[ 1198.977385][T15632] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2912'.
[ 1199.187310][T15634] overlayfs: failed to clone lowerpath
[ 1199.354812][T15638] netlink: 1304 bytes leftover after parsing attributes in process `syz.7.2915'.
[ 1200.733976][T15660] netlink: 'syz.9.2920': attribute type 1 has an invalid length.
[ 1200.879842][T15656] syzkaller0: entered promiscuous mode
[ 1200.886062][T15656] syzkaller0: entered allmulticast mode
[ 1201.271136][T15660] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1201.334454][T15663] bond2: entered promiscuous mode
[ 1201.342251][T15663] bond2: entered allmulticast mode
[ 1201.882527][T15671] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1201.890397][T15671] IPv6: NLM_F_CREATE should be set when creating new route
[ 1201.980248][T15671] lo: entered allmulticast mode
[ 1202.057788][T15671] tunl0: entered allmulticast mode
[ 1202.177930][T15671] gre0: entered allmulticast mode
[ 1202.311326][T15671] gretap0: entered allmulticast mode
[ 1202.405704][T15671] erspan0: entered allmulticast mode
[ 1202.476263][T15671] ip_vti0: entered allmulticast mode
[ 1202.535911][T15671] ip6_vti0: entered allmulticast mode
[ 1202.682196][T15671] sit0: entered allmulticast mode
[ 1202.780652][T15671] ip6tnl0: entered allmulticast mode
[ 1202.849690][T15671] ip6gre0: entered allmulticast mode
[ 1202.939571][T15671] ip6gretap0: entered allmulticast mode
[ 1203.033282][T15671] bond0: entered allmulticast mode
[ 1203.038885][T15671] bond_slave_0: entered allmulticast mode
[ 1203.045727][T15671] bond_slave_1: entered allmulticast mode
[ 1203.135230][T15671] dummy0: entered allmulticast mode
[ 1203.172031][T15671] nlmon0: entered allmulticast mode
[ 1203.218884][T15671] caif0: entered allmulticast mode
[ 1203.245145][T15671] batadv0: entered allmulticast mode
[ 1203.278266][T15671] vxcan0: entered allmulticast mode
[ 1203.322064][T15671] vxcan1: entered allmulticast mode
[ 1203.352384][T15671] veth0: entered allmulticast mode
[ 1203.383833][T15671] veth1: entered allmulticast mode
[ 1203.471389][T15671] veth0_to_bridge: entered allmulticast mode
[ 1203.533315][T15671] veth1_to_bridge: entered allmulticast mode
[ 1203.572876][T15671] veth0_to_bond: entered allmulticast mode
[ 1203.646600][T15671] veth1_to_bond: entered allmulticast mode
[ 1203.681931][T15671] veth0_to_team: left promiscuous mode
[ 1203.688098][T15671] veth0_to_team: entered allmulticast mode
[ 1203.697999][T15671] team_slave_0: entered allmulticast mode
[ 1203.730212][T15671] veth1_to_team: entered allmulticast mode
[ 1203.773382][T15671] team_slave_1: entered allmulticast mode
[ 1203.795292][T15671] veth0_to_batadv: entered allmulticast mode
[ 1203.827752][T15671] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1203.841056][T15671] batadv_slave_0: entered allmulticast mode
[ 1203.909959][T15671] veth1_to_batadv: entered allmulticast mode
[ 1204.018239][T15671] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1204.068117][T15671] batadv_slave_1: entered allmulticast mode
[ 1204.133241][T15671] xfrm0: entered allmulticast mode
[ 1204.196159][T15671] veth0_to_hsr: entered allmulticast mode
[ 1204.253492][T15671] hsr_slave_0: entered allmulticast mode
[ 1204.307211][T15671] veth1_to_hsr: entered allmulticast mode
[ 1204.445617][T15671] hsr_slave_1: entered allmulticast mode
[ 1204.463086][T15671] hsr0: entered allmulticast mode
[ 1204.483795][T15671] veth1_virt_wifi: entered allmulticast mode
[ 1204.559565][T15671] veth0_virt_wifi: entered allmulticast mode
[ 1204.598414][T15671] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[ 1204.635459][T15671] veth1_vlan: entered allmulticast mode
[ 1204.667840][T15703] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2929'.
[ 1204.683849][T15671] veth0_vlan: entered allmulticast mode
[ 1204.829838][T15671] vlan0: entered allmulticast mode
[ 1204.836337][T15671] vlan1: entered allmulticast mode
[ 1204.929460][T15671] macvlan0: entered allmulticast mode
[ 1205.002311][T15671] macvlan1: entered allmulticast mode
[ 1205.030298][T15671] ipvlan0: entered allmulticast mode
[ 1205.038389][T15671] ipvlan1: entered allmulticast mode
[ 1205.055149][T15671] veth1_macvtap: entered allmulticast mode
[ 1205.083855][T15671] veth0_macvtap: entered allmulticast mode
[ 1205.138325][T15671] macvtap0: entered allmulticast mode
[ 1205.166082][T15671] macsec0: entered allmulticast mode
[ 1205.198197][T15671] geneve0: entered allmulticast mode
[ 1205.263423][T15671] geneve1: entered allmulticast mode
[ 1205.282955][T15671] netdevsim netdevsim7 netdevsim0: entered allmulticast mode
[ 1205.307566][T15671] netdevsim netdevsim7 netdevsim1: entered allmulticast mode
[ 1205.365614][T15671] netdevsim netdevsim7 netdevsim2: entered allmulticast mode
[ 1205.434104][T15671] netdevsim netdevsim7 netdevsim3: entered allmulticast mode
[ 1205.487388][T15671] mac80211_hwsim hwsim19 wlan0: entered allmulticast mode
[ 1205.513827][T15671] mac80211_hwsim hwsim20 wlan1: entered allmulticast mode
[ 1205.561545][T15671] ip6tnl1: entered allmulticast mode
[ 1205.574983][T15671] erspan1: entered allmulticast mode
[ 1205.598555][T15671] veth2: entered allmulticast mode
[ 1205.605147][T15671] veth3: entered allmulticast mode
[ 1205.611524][T15671] veth4: entered allmulticast mode
[ 1205.618248][T15671] veth5: entered allmulticast mode
[ 1205.624718][T15671] sit1: entered allmulticast mode
[ 1205.630747][T15671] veth6: entered allmulticast mode
[ 1205.643221][T15671] veth7: entered allmulticast mode
[ 1205.649655][T15671] syztnl0: entered allmulticast mode
[ 1205.719264][T15671] bridge2: entered allmulticast mode
[ 1205.762701][T15678] 0ªX¹¦Dö»: left allmulticast mode
[ 1205.826809][T15678] veth0_to_team: left promiscuous mode
[ 1206.011308][T15678] geneve3: left promiscuous mode
[ 1206.048578][ T3081] hsr0 speed is unknown, defaulting to 1000
[ 1206.055845][ T3081] syz2: Port: 1 Link DOWN
[ 1206.184638][ T8478] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1206.234554][ T8478] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1206.243998][ T8478] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1206.285191][ T8478] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1206.323586][ T8478] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 35742 - 0
[ 1206.333075][ T8478] netdevsim netdevsim0 eth0: unset [1, 1] type 2 family 0 port 6081 - 0
[ 1206.435206][ T8478] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 35742 - 0
[ 1206.444620][ T8478] netdevsim netdevsim0 eth1: unset [1, 1] type 2 family 0 port 6081 - 0
[ 1206.502747][ T8478] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 35742 - 0
[ 1206.512419][ T8478] netdevsim netdevsim0 eth2: unset [1, 1] type 2 family 0 port 6081 - 0
[ 1206.603526][ T8478] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 35742 - 0
[ 1206.613918][ T8478] netdevsim netdevsim0 eth3: unset [1, 1] type 2 family 0 port 6081 - 0
[ 1206.908414][T15724] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2934'.
[ 1206.917926][T15724] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2934'.
[ 1208.609038][T15750] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2942'.
[ 1208.742701][T15750] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2942'.
[ 1208.871786][T15754] netlink: 107460 bytes leftover after parsing attributes in process `syz.7.2943'.
[ 1209.543184][T15765] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2946'.
[ 1209.580648][T15765] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2946'.
[ 1209.590616][T15765] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2946'.
[ 1210.411232][T15775] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2950'.
[ 1210.467977][T15775] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2950'.
[ 1210.584807][T15775] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2950'.
[ 1210.667387][T15777] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2950'.
[ 1211.015499][T15784] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2954'.
[ 1211.667735][T15791] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2956'.
[ 1211.752212][T15791] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2956'.
[ 1211.968976][T15799] 9p: Bad value for 'wfdno'
[ 1212.018572][T15799] tipc: Started in network mode
[ 1212.023946][T15799] tipc: Node identity ac14140f, cluster identity 4711
[ 1212.090445][T15799] tipc: New replicast peer: 255.255.255.255
[ 1212.103847][T15799] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1212.635164][T15811] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2962'.
[ 1213.224860][ T3081] tipc: Node number set to 2886997007
[ 1214.962467][T15844] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2972'.
[ 1217.403379][ T9601] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1217.656763][ T9601] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1217.667710][ T9601] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1217.748213][ T9601] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1217.758402][ T9601] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1217.768563][ T9601] usb 7-1: SerialNumber: syz
[ 1218.120900][ T9601] usb 7-1: 0:2 : does not exist
[ 1218.343418][ T9601] usb 7-1: USB disconnect, device number 2
[ 1218.734736][T13255] udevd[13255]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1219.037983][T15906] xt_connbytes: Forcing CT accounting to be enabled
[ 1220.018664][ T9601] Process accounting resumed
[ 1220.313266][T15923] netlink: 60 bytes leftover after parsing attributes in process `syz.9.2995'.
[ 1220.405137][T15925] netlink: 'syz.7.2996': attribute type 1 has an invalid length.
[ 1220.480166][T15926] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2995'.
[ 1220.985938][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 1220.986022][   T30] audit: type=1326 audit(2000000103.230:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1221.016216][   T30] audit: type=1326 audit(2000000103.230:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1221.078911][T15927] bond1: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1221.091961][T15927] bond1: (slave ipvlan2): The slave device specified does not support setting the MAC address
[ 1221.107326][T15927] bond1: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode
[ 1221.130369][   T30] audit: type=1326 audit(2000000103.380:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1221.250190][   T30] audit: type=1326 audit(2000000103.380:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1221.273283][   T30] audit: type=1326 audit(2000000103.390:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1221.296297][   T30] audit: type=1326 audit(2000000103.390:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1221.323812][   T30] audit: type=1326 audit(2000000103.410:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1221.348009][   T30] audit: type=1326 audit(2000000103.410:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1221.370825][   T30] audit: type=1326 audit(2000000103.410:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1221.394230][   T30] audit: type=1326 audit(2000000103.410:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15932 comm="syz.0.2998" exe="/root/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1223.170513][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1223.177755][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1225.619683][T15991] loop6: detected capacity change from 0 to 512
[ 1225.646981][T15991] EXT4-fs: Ignoring removed nobh option
[ 1225.735539][T15991] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1225.747622][T15991] EXT4-fs warning (device loop6): dx_probe:849: Enable large directory feature to access it
[ 1225.758389][T15991] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.3014: Corrupt directory, running e2fsck is recommended
[ 1225.810902][T15991] EXT4-fs (loop6): Cannot turn on journaled quota: type 1: error -117
[ 1225.900637][T15991] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.3014: corrupted in-inode xattr: invalid ea_ino
[ 1225.976070][T15991] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.3014: couldn't read orphan inode 15 (err -117)
[ 1226.085655][T15991] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1226.422389][T15991] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1226.436174][T15991] EXT4-fs warning (device loop6): dx_probe:849: Enable large directory feature to access it
[ 1226.450519][T15991] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.3014: Corrupt directory, running e2fsck is recommended
[ 1226.606806][T15991] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1226.619735][T15991] EXT4-fs warning (device loop6): dx_probe:849: Enable large directory feature to access it
[ 1226.630337][T15991] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.3014: Corrupt directory, running e2fsck is recommended
[ 1226.696945][T16007] EXT4-fs warning (device loop6): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1226.709460][T16007] EXT4-fs warning (device loop6): dx_probe:849: Enable large directory feature to access it
[ 1226.720297][T16007] EXT4-fs warning (device loop6): dx_probe:934: inode #2: comm syz.6.3014: Corrupt directory, running e2fsck is recommended
[ 1226.741043][T15997] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[ 1227.230314][T13985] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1228.309302][T16031] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3023'.
[ 1228.385905][T16035] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3023'.
[ 1230.129317][T16064] loop9: detected capacity change from 0 to 256
[ 1230.872725][ T9312] FAT-fs (loop9): error, corrupted directory (invalid entries)
[ 1230.881113][ T9312] FAT-fs (loop9): Filesystem has been set read-only
[ 1230.961035][ T9312] FAT-fs (loop9): error, corrupted directory (invalid entries)
[ 1231.288066][T16074] netlink: 'syz.7.3039': attribute type 39 has an invalid length.
[ 1231.571485][T16074] bridge_slave_0 (unregistering): left promiscuous mode
[ 1231.582060][T16074] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1231.706870][ T3465] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1231.880121][ T3465] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1232.043253][ T3465] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1232.232700][ T3465] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1233.245549][ T3465] bridge_slave_1: left allmulticast mode
[ 1233.251534][ T3465] bridge_slave_1: left promiscuous mode
[ 1233.262887][ T3465] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1233.332834][ T3465] bridge_slave_0: left allmulticast mode
[ 1233.340699][ T3465] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1234.686821][ T3465] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1234.778198][ T3465] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1234.841066][ T3465] bond0 (unregistering): Released all slaves
[ 1234.951112][ T3465] bond1 (unregistering): Released all slaves
[ 1235.073395][ T3465] bond2 (unregistering): Released all slaves
[ 1235.505902][T12505] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1235.556594][T12505] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1235.567052][T12505] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1235.601875][T12505] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1235.614728][T12505] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1236.274490][T16107] hsr0 speed is unknown, defaulting to 1000
[ 1236.510646][ T3465] hsr_slave_0: left promiscuous mode
[ 1236.530334][ T3465] hsr_slave_1: left promiscuous mode
[ 1236.555931][ T3465] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1236.565389][ T3465] net_ratelimit: 47 callbacks suppressed
[ 1236.565723][ T3465] batadv0: mtu less than device minimum
[ 1236.580197][ T3465] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1236.593633][ T3465] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1236.607189][ T3465] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1236.620609][ T3465] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1236.633774][ T3465] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1236.647378][ T3465] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1236.660579][ T3465] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1236.674254][ T3465] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1236.687595][ T3465] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1236.725385][ T3465] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1236.738363][ T3465] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1236.800828][T16121] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3053'.
[ 1236.812913][ T3465] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1236.823467][ T3465] batman_adv: batadv0: Interface deactivated: dummy0
[ 1236.830685][ T3465] batman_adv: batadv0: Removing interface: dummy0
[ 1236.849625][ T3465] veth1_macvtap: left promiscuous mode
[ 1236.864412][ T3465] veth0_macvtap: left promiscuous mode
[ 1236.870964][ T3465] veth1_vlan: left promiscuous mode
[ 1236.877876][ T3465] veth0_vlan: left promiscuous mode
[ 1237.694591][ T5789] Bluetooth: hci4: command tx timeout
[ 1238.162372][T16135] xt_connbytes: Forcing CT accounting to be enabled
[ 1238.503030][T16133] veth0_to_team: entered promiscuous mode
[ 1239.080318][ T3465] IPVS: stop unused estimator thread 0...
[ 1239.179931][T16140] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3059'.
[ 1239.363001][T16140] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3059'.
[ 1239.775501][ T5789] Bluetooth: hci4: command tx timeout
[ 1240.253493][T16107] chnl_net:caif_netlink_parms(): no params data found
[ 1241.128623][   T30] kauditd_printk_skb: 50 callbacks suppressed
[ 1241.128701][   T30] audit: type=1804 audit(2000000123.380:266): pid=16166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.3066" name="bus" dev="ramfs" ino=51897 res=1 errno=0
[ 1241.692435][T16175] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3068'.
[ 1241.702086][T16175] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3068'.
[ 1241.854628][ T5789] Bluetooth: hci4: command tx timeout
[ 1242.246225][T16107] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1242.257973][T16107] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1242.312085][T16107] bridge_slave_0: entered allmulticast mode
[ 1242.366083][T16107] bridge_slave_0: entered promiscuous mode
[ 1242.457537][T16107] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1242.466260][T16107] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1242.493903][T16107] bridge_slave_1: entered allmulticast mode
[ 1242.528844][T16107] bridge_slave_1: entered promiscuous mode
[ 1242.879837][T16107] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1242.968220][T16107] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1243.338618][T16107] team0: Port device team_slave_0 added
[ 1243.402197][T16107] team0: Port device team_slave_1 added
[ 1243.716241][T16107] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1243.723515][T16107] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1243.754973][T16107] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1243.923425][T16107] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1243.931223][T16107] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1243.936814][ T5789] Bluetooth: hci4: command tx timeout
[ 1243.966788][T16107] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1244.580681][T16212] netlink: 'syz.6.3077': attribute type 39 has an invalid length.
[ 1244.675919][T16107] hsr_slave_0: entered promiscuous mode
[ 1244.708775][T16107] hsr_slave_1: entered promiscuous mode
[ 1244.738019][T16107] debugfs: 'hsr0' already exists in 'hsr'
[ 1244.744300][T16107] Cannot create hsr debugfs directory
[ 1244.861843][T16212] bridge_slave_0 (unregistering): left allmulticast mode
[ 1244.869830][T16212] bridge_slave_0 (unregistering): left promiscuous mode
[ 1244.877508][T16212] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1247.979227][T16242] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3088'.
[ 1247.988762][T16242] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3088'.
[ 1248.655746][T16107] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1248.749259][T16252] netlink: 'syz.7.3091': attribute type 4 has an invalid length.
[ 1248.763677][T16107] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1248.866061][T16255] netlink: 'syz.7.3091': attribute type 4 has an invalid length.
[ 1248.879260][T16107] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1249.040583][T16107] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1249.812975][T16265] mac80211_hwsim hwsim37 wlan0: entered promiscuous mode
[ 1250.013795][T16264] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1250.399518][T16274] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3096'.
[ 1250.746267][T16107] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1251.026339][T16107] 8021q: adding VLAN 0 to HW filter on device team0
[ 1251.148010][T14952] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1251.155795][T14952] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1251.315044][T14908] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1251.322688][T14908] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1253.740063][T16316] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3110'.
[ 1253.750509][T16316] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3110'.
[ 1253.916302][T16107] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1254.172849][T16314] hsr0 speed is unknown, defaulting to 1000
[ 1255.055142][T16330] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3115'.
[ 1255.131201][T16330] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3115'.
[ 1255.192931][T16330] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3115'.
[ 1255.284786][T16334] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3115'.
[ 1255.341574][T16330] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3115'.
[ 1255.863890][T16339] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3117'.
[ 1255.871001][T16338] netlink: 'syz.7.3116': attribute type 4 has an invalid length.
[ 1255.932876][T16339] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3117'.
[ 1256.018904][T16339] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3117'.
[ 1257.038876][T16107] veth0_vlan: entered promiscuous mode
[ 1257.177214][T16107] veth1_vlan: entered promiscuous mode
[ 1257.598534][T16107] veth0_macvtap: entered promiscuous mode
[ 1257.710441][T16107] veth1_macvtap: entered promiscuous mode
[ 1257.950954][T16107] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1258.051915][T16107] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1258.259833][T14930] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1258.324472][T14930] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1258.407853][T14930] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1258.483283][T14930] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1260.226019][T16385] __nla_validate_parse: 2 callbacks suppressed
[ 1260.226108][T16385] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3135'.
[ 1261.254671][   T30] audit: type=1326 audit(2000000143.500:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16400 comm="syz.7.3140" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1261.329089][   T30] audit: type=1326 audit(2000000143.550:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16400 comm="syz.7.3140" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1261.498345][   T30] audit: type=1326 audit(2000000143.590:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16400 comm="syz.7.3140" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1261.521354][   T30] audit: type=1326 audit(2000000143.610:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16400 comm="syz.7.3140" exe="/root/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1261.547896][   T30] audit: type=1326 audit(2000000143.610:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16400 comm="syz.7.3140" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1261.572284][   T30] audit: type=1326 audit(2000000143.610:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16400 comm="syz.7.3140" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1261.595146][   T30] audit: type=1326 audit(2000000143.590:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16400 comm="syz.7.3140" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1261.617753][   T30] audit: type=1326 audit(2000000143.660:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16400 comm="syz.7.3140" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1261.640513][   T30] audit: type=1326 audit(2000000143.680:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16400 comm="syz.7.3140" exe="/root/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1261.664240][   T30] audit: type=1326 audit(2000000143.690:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16400 comm="syz.7.3140" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1264.193919][T16447] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3150'.
[ 1266.147217][T16469] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1266.326429][T14930] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1266.335097][T14930] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1266.724531][T14930] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1266.732815][T14930] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1267.316415][ T3081] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1267.515238][ T3081] usb 4-1: Using ep0 maxpacket: 8
[ 1267.536994][ T3081] usb 4-1: config index 0 descriptor too short (expected 30, got 18)
[ 1267.545901][ T3081] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1267.556555][ T3081] usb 4-1: config 0 has no interfaces?
[ 1267.628529][ T3081] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[ 1267.638603][ T3081] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1267.647436][ T3081] usb 4-1: Product: syz
[ 1267.651900][ T3081] usb 4-1: Manufacturer: syz
[ 1267.656917][ T3081] usb 4-1: SerialNumber: syz
[ 1267.772631][ T3081] usb 4-1: config 0 descriptor??
[ 1268.132154][ T3081] usb 4-1: USB disconnect, device number 10
[ 1269.405751][T16506] netlink: 'syz.6.3168': attribute type 1 has an invalid length.
[ 1269.480587][T16512] loop3: detected capacity change from 0 to 128
[ 1269.654720][T16512] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1269.679485][T16512] ext4 filesystem being mounted at /99/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1269.959648][T16512] EXT4-fs (loop3): shut down requested (1)
[ 1269.987753][T16512] fscrypt (loop3, inode 12): Error -5 getting encryption context
[ 1270.047816][T16506] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1270.183545][T16513] loop4: detected capacity change from 0 to 4096
[ 1270.287625][T16514] macvlan2: entered promiscuous mode
[ 1270.297162][T16514] macvlan2: entered allmulticast mode
[ 1270.333259][T14194] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1270.390557][T16514] bond1: entered promiscuous mode
[ 1270.421729][T16514] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1270.553078][T16514] bond1: left promiscuous mode
[ 1271.617513][T16534] netlink: 232 bytes leftover after parsing attributes in process `syz.0.3174'.
[ 1271.627855][T16534] netlink: 232 bytes leftover after parsing attributes in process `syz.0.3174'.
[ 1274.019200][T16566] loop3: detected capacity change from 0 to 512
[ 1274.298114][T16566] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1274.365948][T16566] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1276.068764][T16599] netlink: 256 bytes leftover after parsing attributes in process `syz.7.3193'.
[ 1276.079183][T16599] unsupported nlmsg_type 40
[ 1276.918139][T16607] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1276.976331][T16607] overlayfs: failed to set xattr on upper
[ 1276.982413][T16607] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1276.990173][T16607] overlayfs: ...falling back to index=off.
[ 1276.996473][T16607] overlayfs: ...falling back to uuid=null.
[ 1277.045287][T16607] overlayfs: failed to clone lowerpath
[ 1277.547190][T14194] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1277.960709][T16614] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3197'.
[ 1278.440558][T16614] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1278.468424][T16625] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3200'.
[ 1278.616313][T16619] macvlan2: entered promiscuous mode
[ 1278.622601][T16619] macvlan2: entered allmulticast mode
[ 1278.689753][T16619] bond2: entered promiscuous mode
[ 1278.708035][T16619] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1278.773808][T16619] bond2: left promiscuous mode
[ 1281.096002][T16651] loop4: detected capacity change from 0 to 1024
[ 1281.292800][T16651] syz.4.3208: attempt to access beyond end of device
[ 1281.292800][T16651] loop4: rw=8388608, sector=393218, nr_sectors = 2 limit=1024
[ 1281.388853][T16651] syz.4.3208: attempt to access beyond end of device
[ 1281.388853][T16651] loop4: rw=8388608, sector=393218, nr_sectors = 2 limit=1024
[ 1282.467556][T16669] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3214'.
[ 1282.653163][T16672] loop6: detected capacity change from 0 to 736
[ 1282.673560][T16671] netlink: 1363 bytes leftover after parsing attributes in process `syz.4.3213'.
[ 1283.045352][ T3081] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[ 1283.247505][ T3081] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1283.257446][ T3081] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1283.368976][ T3081] usb 7-1: config 0 descriptor??
[ 1283.370341][   T30] kauditd_printk_skb: 42 callbacks suppressed
[ 1283.370516][   T30] audit: type=1326 audit(2000000165.610:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16674 comm="syz.7.3216" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x0
[ 1283.671156][ T3081] udl 7-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1283.841945][T16685] netlink: 1319 bytes leftover after parsing attributes in process `syz.4.3219'.
[ 1283.882852][ T3081] [drm:udl_init] *ERROR* Selecting channel failed
[ 1284.035919][ T3081] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 2
[ 1284.043042][ T3081] [drm] Initialized udl on minor 2
[ 1284.062751][ T3081] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1284.125513][ T3081] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[ 1284.184521][ T5832] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1284.234894][ T3081] usb 7-1: USB disconnect, device number 3
[ 1284.242937][ T5832] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[ 1284.622715][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1284.630035][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1285.846422][T16712] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3228'.
[ 1285.918311][T16712] netlink: 72 bytes leftover after parsing attributes in process `syz.7.3228'.
[ 1286.429638][T16719] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3231'.
[ 1286.712062][   T30] audit: type=1804 audit(2000000168.960:320): pid=16726 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3230" name="file0" dev="tmpfs" ino=3964 res=1 errno=0
[ 1286.758248][T16714] bond2: option lacp_rate: mode dependency failed, not supported in mode active-backup(1)
[ 1286.804960][T16714] bond2 (unregistering): Released all slaves
[ 1287.674446][T16728] bond3: option downdelay: invalid value (18446744073709551615)
[ 1287.682610][T16728] bond3: option downdelay: allowed values 0 - 2147483647
[ 1287.702825][T16738] 9pnet: p9_errstr2errno: server reported unknown error di3
[ 1287.759505][T16728] bond3 (unregistering): Released all slaves
[ 1289.253623][   T30] audit: type=1804 audit(2000000171.500:321): pid=16757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3241" name="file0" dev="ramfs" ino=53244 res=1 errno=0
[ 1291.866734][T16793] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3250'.
[ 1292.378364][T16803] netlink: 'syz.3.3252': attribute type 4 has an invalid length.
[ 1292.508415][T16805] netlink: 'syz.3.3252': attribute type 4 has an invalid length.
[ 1294.163139][T16821] loop6: detected capacity change from 0 to 512
[ 1294.229974][T16821] EXT4-fs: Ignoring removed orlov option
[ 1294.236412][T16821] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1294.346283][T16821] EXT4-fs error (device loop6): ext4_iget_extra_inode:5073: inode #15: comm syz.6.3258: corrupted in-inode xattr: e_value size too large
[ 1294.395953][T16821] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.3258: couldn't read orphan inode 15 (err -117)
[ 1294.455623][T16821] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1295.233492][T13985] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1295.820067][T16840] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3262'.
[ 1295.859885][T16845] netlink: 76 bytes leftover after parsing attributes in process `syz.0.3261'.
[ 1295.929865][T16844] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3260'.
[ 1296.750208][T16856] overlayfs: failed to clone upperpath
[ 1296.909064][ T5789] Bluetooth: hci2: command 0x0406 tx timeout
[ 1298.927205][T16877] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3271'.
[ 1299.065328][T16877] bridge_slave_1: left allmulticast mode
[ 1299.071447][T16877] bridge_slave_1: left promiscuous mode
[ 1299.078876][T16877] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1299.342536][T16877] bridge_slave_0: left allmulticast mode
[ 1299.350670][T16877] bridge_slave_0: left promiscuous mode
[ 1299.357684][T16877] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1299.898180][T16889] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3273'.
[ 1301.353599][T16905] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3278'.
[ 1301.419195][T16905] netlink: 'syz.6.3278': attribute type 10 has an invalid length.
[ 1301.516436][T16905] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1301.682432][T16909] pimreg: entered allmulticast mode
[ 1301.737279][T16915] pimreg: left allmulticast mode
[ 1302.622258][ T5843] IPVS: starting estimator thread 0...
[ 1302.735382][T16927] IPVS: using max 192 ests per chain, 9600 per kthread
[ 1304.536420][T16952] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3293'.
[ 1304.635409][T16952] netlink: 'syz.0.3293': attribute type 10 has an invalid length.
[ 1304.808549][T16952] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1308.325670][T17000] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3307'.
[ 1308.335722][T17000] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3307'.
[ 1309.086964][T17010] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3309'.
[ 1309.259700][T17014] netlink: 'syz.3.3309': attribute type 10 has an invalid length.
[ 1310.254708][T17028] lo: entered allmulticast mode
[ 1310.326428][T17026] lo: left allmulticast mode
[ 1310.714776][T17032] orangefs_devreq_write_iter: failed to copy head.
[ 1310.975894][T17041] vlan2: entered promiscuous mode
[ 1310.981650][T17041] veth0_virt_wifi: entered promiscuous mode
[ 1310.990081][T17041] vlan2: entered allmulticast mode
[ 1310.996039][T17041] veth0_virt_wifi: entered allmulticast mode
[ 1312.279515][T17053] hsr0 speed is unknown, defaulting to 1000
[ 1313.294721][T17058] hsr0 speed is unknown, defaulting to 1000
[ 1314.842678][T17092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3333'.
[ 1314.871668][T17088] bridge4: entered promiscuous mode
[ 1314.877583][T17088] bridge4: entered allmulticast mode
[ 1314.960011][T17092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3333'.
[ 1315.077051][T17092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3333'.
[ 1315.165614][T17092] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3333'.
[ 1316.341072][T17107] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3337'.
[ 1316.351073][T17107] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3337'.
[ 1316.961075][ T5843] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1317.165563][ T5843] usb 7-1: Using ep0 maxpacket: 32
[ 1317.206520][ T5843] usb 7-1: config 0 has an invalid interface number: 188 but max is 0
[ 1317.219140][ T5843] usb 7-1: config 0 has no interface number 0
[ 1317.274402][ T5843] usb 7-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 1317.313433][ T5843] usb 7-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[ 1317.325556][ T5843] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1317.335004][ T5843] usb 7-1: Product: syz
[ 1317.339404][ T5843] usb 7-1: Manufacturer: syz
[ 1317.344436][ T5843] usb 7-1: SerialNumber: syz
[ 1317.453740][ T5843] usb 7-1: config 0 descriptor??
[ 1317.542749][T17116] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1317.849544][T17116] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1318.379253][T17133] lo: entered allmulticast mode
[ 1318.898113][T17135] bond1: entered allmulticast mode
[ 1319.788088][ T5843] asix 7-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1319.799139][ T5843] asix 7-1:0.188 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[ 1319.914974][ T5843] asix 7-1:0.188: probe with driver asix failed with error -71
[ 1320.005465][ T5843] usb 7-1: USB disconnect, device number 4
[ 1321.383035][T17174] tipc: Failed to remove unknown binding: 66,0,0/0:2641628294/2641628295
[ 1321.395368][T17174] tipc: Failed to remove unknown binding: 66,0,0/0:2641628294/2641628295
[ 1321.653174][T17156] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1321.816853][T17156] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1322.840416][T17191] loop6: detected capacity change from 0 to 1024
[ 1322.910319][T14945] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1322.917207][T17191] EXT4-fs: Ignoring removed orlov option
[ 1322.952275][T14945] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1323.008827][T14945] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1323.055407][T17191] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[ 1323.075494][T14945] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1323.178261][T17191] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1324.251447][T13985] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1324.872029][T17211] siw: device registration error -23
[ 1326.328910][T17226] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 1326.410579][T17232] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3375'.
[ 1327.242303][T17235] bridge_slave_0: left allmulticast mode
[ 1327.248767][T17235] bridge_slave_0: left promiscuous mode
[ 1327.256434][T17235] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1327.421564][T17235] bridge_slave_1: left allmulticast mode
[ 1327.428261][T17235] bridge_slave_1: left promiscuous mode
[ 1327.435642][T17235] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1327.661808][T17235] bond0: (slave bond_slave_0): Releasing backup interface
[ 1327.727990][T17235] bond0: (slave bond_slave_1): Releasing backup interface
[ 1327.887984][T17235] team0: Port device team_slave_0 removed
[ 1328.063575][T17235] team0: Port device team_slave_1 removed
[ 1328.129854][T17235] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1328.137885][T17235] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1328.201078][T17235] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1328.210266][T17235] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1328.250454][T17235] net_ratelimit: 30 callbacks suppressed
[ 1328.250537][T17235] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1328.307601][T17253] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1328.321117][T17251] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3382'.
[ 1328.441717][T17253] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1328.533623][T17256] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1328.656665][T17259] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3382'.
[ 1329.581622][T17270] pimreg: entered allmulticast mode
[ 1329.724881][T17270] pimreg: left allmulticast mode
[ 1331.545993][ T9601] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1331.752736][ T9601] usb 7-1: config 0 has no interfaces?
[ 1331.763028][ T9601] usb 7-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1331.773672][ T9601] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1331.866939][ T9601] usb 7-1: config 0 descriptor??
[ 1332.271336][T17312] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3394'.
[ 1333.496817][T17329] 9pnet_virtio: no channels available for device syz
[ 1333.570802][T17330] loop3: detected capacity change from 0 to 128
[ 1333.890855][T17330] syz.3.3407: attempt to access beyond end of device
[ 1333.890855][T17330] loop3: rw=2049, sector=145, nr_sectors = 16 limit=128
[ 1333.957024][T17330] syz.3.3407: attempt to access beyond end of device
[ 1333.957024][T17330] loop3: rw=2049, sector=169, nr_sectors = 8 limit=128
[ 1334.009418][T17330] syz.3.3407: attempt to access beyond end of device
[ 1334.009418][T17330] loop3: rw=2049, sector=185, nr_sectors = 8 limit=128
[ 1334.616732][ T5832] usb 7-1: USB disconnect, device number 5
[ 1337.103691][   T30] audit: type=1326 audit(2000000219.350:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17377 comm="syz.7.3422" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1337.182802][   T30] audit: type=1326 audit(2000000219.350:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17377 comm="syz.7.3422" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf747d567 code=0x7ffc0000
[ 1337.207262][   T30] audit: type=1326 audit(2000000219.360:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17377 comm="syz.7.3422" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1337.231683][   T30] audit: type=1326 audit(2000000219.370:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17377 comm="syz.7.3422" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf747d567 code=0x7ffc0000
[ 1337.255579][   T30] audit: type=1326 audit(2000000219.370:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17377 comm="syz.7.3422" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1337.278859][   T30] audit: type=1326 audit(2000000219.380:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17377 comm="syz.7.3422" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1337.303150][   T30] audit: type=1326 audit(2000000219.390:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17377 comm="syz.7.3422" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf747d567 code=0x7ffc0000
[ 1337.326801][   T30] audit: type=1326 audit(2000000219.400:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17377 comm="syz.7.3422" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1337.351399][   T30] audit: type=1326 audit(2000000219.400:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17377 comm="syz.7.3422" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf747d567 code=0x7ffc0000
[ 1337.374638][   T30] audit: type=1326 audit(2000000219.400:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17377 comm="syz.7.3422" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1338.364611][T17391] binder: 17390:17391 unknown command 0
[ 1338.370426][T17391] binder: 17390:17391 ioctl c0306201 80000080 returned -22
[ 1341.380868][T17428] overlayfs: failed to clone upperpath
[ 1342.763488][T17444] syz_tun: left allmulticast mode
[ 1342.771635][T17444] syz_tun: left promiscuous mode
[ 1342.778496][T17444] bridge0: port 3(syz_tun) entered disabled state
[ 1342.916941][T17444] bond0: (slave bridge0): Releasing backup interface
[ 1342.986652][T17448] netlink: 'syz.6.3439': attribute type 10 has an invalid length.
[ 1343.120805][T17444] bridge_slave_1: left allmulticast mode
[ 1343.127547][T17444] bridge_slave_1: left promiscuous mode
[ 1343.141312][T17444] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1343.326777][T17444] bond0: (slave bond_slave_0): Releasing backup interface
[ 1343.407205][T17444] bond0: (slave bond_slave_1): Releasing backup interface
[ 1343.532895][T17444] team0: Port device team_slave_0 removed
[ 1343.632411][T17444] team0: Port device team_slave_1 removed
[ 1343.670585][T17444] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1343.731954][T17444] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1343.789425][T17444] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1343.870062][T17448] team0: Device bond0 failed to register rx_handler
[ 1343.888381][T17455] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3442'.
[ 1345.022989][T17464] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1346.047416][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1346.055604][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1347.125516][T17483] dummy0: left allmulticast mode
[ 1347.152393][T17483] batman_adv: batadv0: Adding interface: dummy0
[ 1347.164811][T17483] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1347.323533][T17483] batman_adv: batadv0: Interface activated: dummy0
[ 1347.525781][T17488] batadv0: mtu less than device minimum
[ 1347.534820][T17488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1347.548178][T17488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1347.561516][T17488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1347.575349][T17488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1347.588917][T17488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1347.602204][T17488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1347.615726][T17488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1347.629524][T17488] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1349.231578][T17510] vlan3: entered promiscuous mode
[ 1349.237350][T17510] syz_tun: entered promiscuous mode
[ 1349.415575][T17513] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3459'.
[ 1349.633387][T17517] loop3: detected capacity change from 0 to 8
[ 1349.668910][T17517] squashfs: Unknown parameter ''
[ 1350.387984][T17524] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3464'.
[ 1350.512159][T17526] tipc: Failed to remove unknown binding: 66,0,0/3532428832:3500935708/3500935709
[ 1350.583171][T17535] tipc: Failed to remove unknown binding: 66,0,0/3532428832:3500935708/3500935709
[ 1351.649428][T17551] netlink: 'syz.0.3469': attribute type 39 has an invalid length.
[ 1351.697264][T17551] bridge_slave_0 (unregistering): left allmulticast mode
[ 1351.706032][T17551] bridge_slave_0 (unregistering): left promiscuous mode
[ 1351.714290][T17551] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1351.897425][T17553] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000
[ 1352.669014][T17563] netlink: 'syz.4.3474': attribute type 3 has an invalid length.
[ 1352.719072][T17563] netlink: 'syz.4.3474': attribute type 3 has an invalid length.
[ 1352.762195][T17566] loop3: detected capacity change from 0 to 164
[ 1356.551956][T17610] loop3: detected capacity change from 0 to 1024
[ 1356.647595][ T3465] hfsplus: b-tree write err: -5, ino 4
[ 1358.039756][T17618] bond0: (slave bond_slave_0): Releasing backup interface
[ 1358.193355][T17618] bond0: (slave bond_slave_1): Releasing backup interface
[ 1358.270504][T17622] netlink: 'syz.3.3488': attribute type 10 has an invalid length.
[ 1358.334522][T12505] Bluetooth: hci4: command 0x0406 tx timeout
[ 1358.451911][T17618] team0: Port device team_slave_0 removed
[ 1358.669457][T17618] team0: Port device team_slave_1 removed
[ 1358.785204][T17618] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1358.849047][T17618] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1358.961634][T17618] net_ratelimit: 11 callbacks suppressed
[ 1358.961720][T17618] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[ 1359.022700][T17625] lo: left allmulticast mode
[ 1359.107219][T17622] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1359.248023][T17622] team0: Port device bond0 added
[ 1363.387644][T17671] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3502'.
[ 1363.695927][T17671] vxlan0: entered promiscuous mode
[ 1363.765842][T17684] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3503'.
[ 1363.788934][ T8478] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1363.822083][ T8478] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1363.882415][ T8478] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1363.932004][ T8478] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1364.357851][T17670] hsr0 speed is unknown, defaulting to 1000
[ 1367.645039][T17718] netlink: 'syz.6.3514': attribute type 13 has an invalid length.
[ 1367.653214][T17718] netlink: 'syz.6.3514': attribute type 17 has an invalid length.
[ 1367.956367][T17728] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3516'.
[ 1368.468176][T17721] loop6: detected capacity change from 0 to 4096
[ 1368.777332][T17721] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1371.652160][T17718] 8021q: adding VLAN 0 to HW filter on device team0
[ 1371.899556][T17718] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1372.349379][T13985] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1373.501647][T17761] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[ 1373.787487][T17764] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3523'.
[ 1374.650907][T17772] binder: BINDER_SET_CONTEXT_MGR already set
[ 1374.675024][T17772] binder: 17771:17772 ioctl 4018620d 80004a80 returned -16
[ 1375.156539][T17779] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3529'.
[ 1375.165969][T17779] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3529'.
[ 1375.213477][   T30] kauditd_printk_skb: 74 callbacks suppressed
[ 1375.213539][   T30] audit: type=1804 audit(2000000257.460:406): pid=17774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.3527" name="file0" dev="tmpfs" ino=3039 res=1 errno=0
[ 1377.378300][ T5835] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1377.578624][ T5835] usb 4-1: Using ep0 maxpacket: 32
[ 1377.609148][ T5835] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[ 1377.621439][ T5835] usb 4-1: config 0 has no interface number 0
[ 1377.668625][ T5835] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1377.684239][ T5835] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1377.695564][ T5835] usb 4-1: config 0 interface 85 has no altsetting 0
[ 1377.785334][ T5835] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1377.798651][ T5835] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1377.807777][ T5835] usb 4-1: Product: syz
[ 1377.812611][ T5835] usb 4-1: Manufacturer: syz
[ 1377.817803][ T5835] usb 4-1: SerialNumber: syz
[ 1377.910795][ T5835] usb 4-1: config 0 descriptor??
[ 1378.194804][ T5835] appletouch 4-1:0.85: Failed to read mode from device.
[ 1378.202964][ T5835] appletouch 4-1:0.85: probe with driver appletouch failed with error -5
[ 1378.315278][ T5835] usb 4-1: USB disconnect, device number 11
[ 1381.976931][T17864] kvm: pic: non byte read
[ 1381.983524][T17864] kvm: pic: non byte read
[ 1382.017228][T17864] kvm: pic: non byte read
[ 1382.046289][T17864] kvm: pic: level sensitive irq not supported
[ 1382.046893][T17864] kvm: pic: non byte read
[ 1382.276941][T17864] kvm: pic: non byte read
[ 1382.363295][T17864] kvm: pic: non byte read
[ 1382.424828][T17864] kvm: pic: level sensitive irq not supported
[ 1382.425291][T17864] kvm: pic: non byte read
[ 1383.257922][T17875] bridge0: entered promiscuous mode
[ 1383.263427][T17875] bridge0: entered allmulticast mode
[ 1383.459529][T17875] team0: Port device bridge0 added
[ 1383.493680][T17876] bridge0: left allmulticast mode
[ 1383.594838][T17881] bridge0: port 1(team0) entered blocking state
[ 1383.601701][T17881] bridge0: port 1(team0) entered disabled state
[ 1383.786247][T17881] team0: entered allmulticast mode
[ 1383.791949][T17881] bond0: entered allmulticast mode
[ 1383.797922][T17881] bridge0: entered allmulticast mode
[ 1383.882632][T17881] team0: left allmulticast mode
[ 1383.888144][T17881] bond0: left allmulticast mode
[ 1383.893331][T17881] bridge0: left allmulticast mode
[ 1384.458489][T17888] loop6: detected capacity change from 0 to 1024
[ 1384.644594][T17888] EXT4-fs: Ignoring removed orlov option
[ 1384.650648][T17888] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1385.647718][T17888] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1386.383923][T17907] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1386.757372][T17907] bond3: (slave ip6gretap1): Enslaving as a backup interface with an up link
[ 1386.817187][T14945] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 1386.946235][T13985] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1386.997587][T14919] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 1391.127675][T17974] loop3: detected capacity change from 0 to 128
[ 1391.325333][T17974] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1391.430207][T17974] ext4 filesystem being mounted at /171/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1393.511208][T14194] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1397.766858][T14945] bond0 (unregistering): Released all slaves
[ 1397.800101][T14945] bond1 (unregistering): Released all slaves
[ 1398.222624][T14945] tipc: Left network mode
[ 1398.844606][T14945] hsr_slave_0: left promiscuous mode
[ 1398.894891][T14945] hsr_slave_1: left promiscuous mode
[ 1399.321210][T12505] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1399.365644][T12505] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1399.376131][T12505] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1399.409318][T12505] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1399.433370][T12505] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1401.538294][T12505] Bluetooth: hci3: command tx timeout
[ 1402.012119][T18073] hsr0 speed is unknown, defaulting to 1000
[ 1403.615463][T12505] Bluetooth: hci3: command tx timeout
[ 1404.289040][T18073] chnl_net:caif_netlink_parms(): no params data found
[ 1404.485086][T18125] netlink: 'syz.0.3624': attribute type 11 has an invalid length.
[ 1404.868262][T18131] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3625'.
[ 1404.909183][T18130] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3626'.
[ 1405.099072][T18131] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1405.350680][T18134] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1405.410929][T18134] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[ 1405.483684][T18134] bond3: (slave vxcan3): Error -95 calling set_mac_address
[ 1405.695607][T12505] Bluetooth: hci3: command tx timeout
[ 1405.932143][T18137] macvlan2: entered promiscuous mode
[ 1405.943793][T18137] macvlan2: entered allmulticast mode
[ 1406.018527][T18137] bond3: (slave macvlan2): Error -98 calling set_mac_address
[ 1406.799083][T18073] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1406.807307][T18073] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1406.910106][T18073] bridge_slave_0: entered allmulticast mode
[ 1406.945251][T18073] bridge_slave_0: entered promiscuous mode
[ 1407.007247][T18073] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1407.015280][T18073] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1407.055466][T18073] bridge_slave_1: entered allmulticast mode
[ 1407.068560][T18154] netlink: 'syz.0.3629': attribute type 4 has an invalid length.
[ 1407.115295][T18073] bridge_slave_1: entered promiscuous mode
[ 1407.507284][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1407.514668][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1407.605263][T18073] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1407.630633][T18073] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1407.774912][T12505] Bluetooth: hci3: command tx timeout
[ 1408.153376][T18073] team0: Port device team_slave_0 added
[ 1408.241692][T18073] team0: Port device team_slave_1 added
[ 1408.574762][T10505] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 1408.685107][T18073] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1408.692292][T18073] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1408.722979][T18073] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1408.776169][T10505] usb 4-1: Using ep0 maxpacket: 16
[ 1408.828678][T10505] usb 4-1: config 0 has an invalid interface number: 9 but max is 1
[ 1408.837533][T10505] usb 4-1: config 0 has an invalid interface number: 9 but max is 1
[ 1408.846118][T10505] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1408.855518][T10505] usb 4-1: config 0 has no interface number 0
[ 1408.890201][T18073] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1408.898046][T18073] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1408.928835][T18073] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1408.965247][T10505] usb 4-1: config 0 interface 9 has no altsetting 0
[ 1409.022693][T10505] usb 4-1: New USB device found, idVendor=1199, idProduct=6891, bcdDevice= 9.a0
[ 1409.032437][T10505] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1409.041353][T10505] usb 4-1: Product: syz
[ 1409.045973][T10505] usb 4-1: Manufacturer: syz
[ 1409.050873][T10505] usb 4-1: SerialNumber: syz
[ 1409.140295][T10505] usb 4-1: config 0 descriptor??
[ 1409.462201][T10505] sierra 4-1:0.9: Sierra USB modem converter detected
[ 1409.558126][T10505] usb 4-1: Sierra USB modem converter now attached to ttyUSB0
[ 1409.661642][   T30] audit: type=1326 audit(2000000291.910:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18177 comm="syz.7.3635" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1409.694354][T10505] usb 4-1: USB disconnect, device number 12
[ 1409.745049][T10505] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[ 1409.793744][T10505] sierra 4-1:0.9: device disconnected
[ 1409.840229][   T30] audit: type=1326 audit(2000000291.950:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18177 comm="syz.7.3635" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1409.866990][   T30] audit: type=1326 audit(2000000291.950:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18177 comm="syz.7.3635" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1409.890726][   T30] audit: type=1326 audit(2000000291.990:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18177 comm="syz.7.3635" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1409.916230][   T30] audit: type=1326 audit(2000000291.990:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18177 comm="syz.7.3635" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1409.939132][   T30] audit: type=1326 audit(2000000291.990:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18177 comm="syz.7.3635" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1409.965209][   T30] audit: type=1326 audit(2000000291.990:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18177 comm="syz.7.3635" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1409.989164][   T30] audit: type=1326 audit(2000000292.020:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18177 comm="syz.7.3635" exe="/root/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1410.015238][   T30] audit: type=1326 audit(2000000292.040:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18177 comm="syz.7.3635" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1410.038508][   T30] audit: type=1326 audit(2000000292.040:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18177 comm="syz.7.3635" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747d539 code=0x7ffc0000
[ 1410.133097][T18073] hsr_slave_0: entered promiscuous mode
[ 1410.251614][T18073] hsr_slave_1: entered promiscuous mode
[ 1410.286443][T18073] debugfs: 'hsr0' already exists in 'hsr'
[ 1410.292399][T18073] Cannot create hsr debugfs directory
[ 1411.793476][T18073] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1411.944658][T18205] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1411.962341][T18208] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3642'.
[ 1411.972154][T18208] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3642'.
[ 1412.046608][T18073] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1412.288025][T18208] team0: Port device bond0 removed
[ 1412.372593][T18208] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1412.444584][T18208] bond2: (slave bond0): Enslaving as an active interface with a down link
[ 1412.477365][T18073] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1412.700793][T18073] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1413.762911][T18073] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1413.876160][T18073] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1414.040558][T18073] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1414.205168][T18073] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1416.086381][T18073] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1416.401156][T18073] 8021q: adding VLAN 0 to HW filter on device team0
[ 1416.538499][T14908] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1416.546245][T14908] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1416.754053][T14908] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1416.761947][T14908] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1417.112821][   T30] kauditd_printk_skb: 56 callbacks suppressed
[ 1417.112904][   T30] audit: type=1326 audit(2000000299.360:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18263 comm="syz.0.3657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1417.277203][   T30] audit: type=1326 audit(2000000299.400:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18263 comm="syz.0.3657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1417.300117][   T30] audit: type=1326 audit(2000000299.450:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18263 comm="syz.0.3657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=83 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1417.326301][   T30] audit: type=1326 audit(2000000299.450:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18263 comm="syz.0.3657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1417.361311][   T30] audit: type=1326 audit(2000000299.450:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18263 comm="syz.0.3657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1417.387739][   T30] audit: type=1326 audit(2000000299.500:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18263 comm="syz.0.3657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1417.410822][   T30] audit: type=1326 audit(2000000299.500:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18263 comm="syz.0.3657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1417.437398][   T30] audit: type=1326 audit(2000000299.500:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18263 comm="syz.0.3657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1417.460886][   T30] audit: type=1326 audit(2000000299.510:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18263 comm="syz.0.3657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1417.486930][   T30] audit: type=1326 audit(2000000299.520:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18263 comm="syz.0.3657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd539 code=0x7ffc0000
[ 1418.118915][T18275] netlink: 'syz.4.3659': attribute type 32 has an invalid length.
[ 1418.137413][T18275] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3659'.
[ 1418.255235][T18275] netlink: 'syz.4.3659': attribute type 32 has an invalid length.
[ 1421.312892][T18073] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1422.010054][T15223] libceph: connect (1)[c::]:6789 error -101
[ 1422.049870][T15223] libceph: mon0 (1)[c::]:6789 connect error
[ 1422.099130][T18316] ceph: No mds server is up or the cluster is laggy
[ 1422.120881][T15223] libceph: connect (1)[c::]:6789 error -101
[ 1422.161095][T15223] libceph: mon0 (1)[c::]:6789 connect error
[ 1424.113747][T18351] =====================================================
[ 1424.121616][T18351] BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x4e4/0x3400
[ 1424.132129][T18351]  _copy_to_iter+0x4e4/0x3400
[ 1424.138191][T18351]  __skb_datagram_iter+0x7ce/0x12b0
[ 1424.143895][T18351]  skb_copy_datagram_iter+0x5b/0x1e0
[ 1424.149752][T18351]  tcp_peek_sndq+0x12b/0x570
[ 1424.155225][T18351]  tcp_recvmsg_locked+0x565e/0x56f0
[ 1424.161155][T18351]  tcp_recvmsg+0x2bd/0xad0
[ 1424.170452][T18351]  inet_recvmsg+0x15b/0x690
[ 1424.176771][T18351]  sock_recvmsg_nosec+0x19d/0x2e0
[ 1424.182212][T18351]  ____sys_recvmsg+0x4e5/0x620
[ 1424.187526][T18351]  ___sys_recvmsg+0x20b/0x850
[ 1424.192392][T18351]  do_recvmmsg+0x50b/0xdf0
[ 1424.197200][T18351]  __sys_recvmmsg+0xf3/0x450
[ 1424.202070][T18351]  __ia32_compat_sys_recvmmsg_time32+0x102/0x1b0
[ 1424.208929][T18351]  ia32_sys_call+0x2935/0x4340
[ 1424.214086][T18351]  __do_fast_syscall_32+0x14a/0x310
[ 1424.219692][T18351]  do_fast_syscall_32+0x37/0x80
[ 1424.224969][T18351]  do_SYSENTER_32+0x1f/0x30
[ 1424.232050][T18351]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1424.239580][T18351] 
[ 1424.242104][T18351] Uninit was created at:
[ 1424.247102][T18351]  __alloc_frozen_pages_noprof+0x6df/0xf50
[ 1424.253240][T18351]  alloc_pages_mpol+0x328/0x860
[ 1424.258747][T18351]  alloc_pages_noprof+0x101/0x280
[ 1424.268785][T18351]  skb_page_frag_refill+0x34e/0x730
[ 1424.275713][T18351]  sk_page_frag_refill+0x59/0x190
[ 1424.281031][T18351]  tcp_sendmsg_locked+0x23d8/0x76f0
[ 1424.286708][T18351]  tcp_sendmsg+0x4b/0x90
[ 1424.291194][T18351]  inet_sendmsg+0x134/0x290
[ 1424.296094][T18351]  __sys_sendto+0x8ea/0xb90
[ 1424.300928][T18351]  __ia32_sys_sendto+0x12f/0x200
[ 1424.306429][T18351]  ia32_sys_call+0x1a3d/0x4340
[ 1424.311441][T18351]  __do_fast_syscall_32+0x14a/0x310
[ 1424.317216][T18351]  do_fast_syscall_32+0x37/0x80
[ 1424.322316][T18351]  do_SYSENTER_32+0x1f/0x30
[ 1424.327232][T18351]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1424.336258][T18351] 
[ 1424.338722][T18351] Bytes 0-47 of 48 are uninitialized
[ 1424.344964][T18351] Memory access of size 48 starts at ffff88804dc00000
[ 1424.351879][T18351] 
[ 1424.354659][T18351] CPU: 0 UID: 0 PID: 18351 Comm: syz.3.3671 Tainted: G        W    L      syzkaller #0 PREEMPT(voluntary) 
[ 1424.370971][T18351] Tainted: [W]=WARN, [L]=SOFTLOCKUP
[ 1424.377843][T18351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1424.388585][T18351] =====================================================
[ 1424.395857][T18351] Disabling lock debugging due to kernel taint
[ 1424.402161][T18351] Kernel panic - not syncing: kmsan.panic set ...
[ 1424.408787][T18351] CPU: 0 UID: 0 PID: 18351 Comm: syz.3.3671 Tainted: G    B   W    L      syzkaller #0 PREEMPT(voluntary) 
[ 1424.420518][T18351] Tainted: [B]=BAD_PAGE, [W]=WARN, [L]=SOFTLOCKUP
[ 1424.427338][T18351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1424.437906][T18351] Call Trace:
[ 1424.441315][T18351]  <TASK>
[ 1424.444369][T18351]  __dump_stack+0x26/0x30
[ 1424.449104][T18351]  dump_stack_lvl+0x50/0x1c0
[ 1424.454010][T18351]  ? dump_stack+0x12/0x25
[ 1424.458677][T18351]  dump_stack+0x1e/0x25
[ 1424.463044][T18351]  vpanic+0x435/0xd40
[ 1424.467298][T18351]  panic+0x15d/0x160
[ 1424.471471][T18351]  kmsan_report+0x31a/0x320
[ 1424.476325][T18351]  ? kmsan_internal_check_memory+0x1e8/0x240
[ 1424.482554][T18351]  ? kmsan_copy_to_user+0xef/0x190
[ 1424.488173][T18351]  ? _copy_to_iter+0x4e4/0x3400
[ 1424.493674][T18351]  ? __skb_datagram_iter+0x7ce/0x12b0
[ 1424.499392][T18351]  ? skb_copy_datagram_iter+0x5b/0x1e0
[ 1424.505111][T18351]  ? tcp_peek_sndq+0x12b/0x570
[ 1424.510180][T18351]  ? tcp_recvmsg_locked+0x565e/0x56f0
[ 1424.515815][T18351]  ? tcp_recvmsg+0x2bd/0xad0
[ 1424.520723][T18351]  ? inet_recvmsg+0x15b/0x690
[ 1424.525680][T18351]  ? sock_recvmsg_nosec+0x19d/0x2e0
[ 1424.531479][T18351]  ? ____sys_recvmsg+0x4e5/0x620
[ 1424.536737][T18351]  ? ___sys_recvmsg+0x20b/0x850
[ 1424.541909][T18351]  ? do_recvmmsg+0x50b/0xdf0
[ 1424.546693][T18351]  ? __sys_recvmmsg+0xf3/0x450
[ 1424.551774][T18351]  ? __ia32_compat_sys_recvmmsg_time32+0x102/0x1b0
[ 1424.558598][T18351]  ? ia32_sys_call+0x2935/0x4340
[ 1424.564250][T18351]  ? __do_fast_syscall_32+0x14a/0x310
[ 1424.569976][T18351]  ? do_fast_syscall_32+0x37/0x80
[ 1424.575595][T18351]  ? do_SYSENTER_32+0x1f/0x30
[ 1424.580501][T18351]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1424.587486][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.593114][T18351]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1424.599275][T18351]  kmsan_internal_check_memory+0x1e8/0x240
[ 1424.605808][T18351]  kmsan_copy_to_user+0xef/0x190
[ 1424.611291][T18351]  _copy_to_iter+0x4e4/0x3400
[ 1424.616510][T18351]  __skb_datagram_iter+0x7ce/0x12b0
[ 1424.622205][T18351]  ? __pfx_simple_copy_to_iter+0x10/0x10
[ 1424.628340][T18351]  skb_copy_datagram_iter+0x5b/0x1e0
[ 1424.634176][T18351]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1424.640370][T18351]  tcp_peek_sndq+0x12b/0x570
[ 1424.645318][T18351]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1424.651521][T18351]  tcp_recvmsg_locked+0x565e/0x56f0
[ 1424.657071][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.662615][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.668097][T18351]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1424.674295][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.679959][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.685435][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.690834][T18351]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1424.697291][T18351]  ? __rcu_read_unlock+0x6c/0xd0
[ 1424.702730][T18351]  ? is_module_text_address+0x1f4/0x240
[ 1424.708550][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.713945][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.719409][T18351]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1424.725531][T18351]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1424.732240][T18351]  ? __local_bh_enable_ip+0x75/0xb0
[ 1424.737744][T18351]  ? _raw_spin_unlock_bh+0x2d/0x40
[ 1424.743242][T18351]  ? lock_sock_nested+0x1f4/0x210
[ 1424.748503][T18351]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1424.754862][T18351]  tcp_recvmsg+0x2bd/0xad0
[ 1424.759628][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.765090][T18351]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[ 1424.772197][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.778531][T18351]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1424.784816][T18351]  ? __pfx_tcp_recvmsg+0x10/0x10
[ 1424.790159][T18351]  inet_recvmsg+0x15b/0x690
[ 1424.795038][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.800541][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.806006][T18351]  ? __pfx_inet_recvmsg+0x10/0x10
[ 1424.811520][T18351]  sock_recvmsg_nosec+0x19d/0x2e0
[ 1424.817057][T18351]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1424.823178][T18351]  ____sys_recvmsg+0x4e5/0x620
[ 1424.828165][T18351]  ? import_iovec+0xaf/0xe0
[ 1424.833061][T18351]  ? get_compat_msghdr+0x673/0x740
[ 1424.838572][T18351]  ___sys_recvmsg+0x20b/0x850
[ 1424.843575][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.848977][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.854563][T18351]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1424.861110][T18351]  do_recvmmsg+0x50b/0xdf0
[ 1424.865890][T18351]  ? stack_depot_save_flags+0x35/0x790
[ 1424.871654][T18351]  ? kmsan_get_metadata+0xf1/0x160
[ 1424.877116][T18351]  __sys_recvmmsg+0xf3/0x450
[ 1424.881917][T18351]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1424.888116][T18351]  __ia32_compat_sys_recvmmsg_time32+0x102/0x1b0
[ 1424.895362][T18351]  ia32_sys_call+0x2935/0x4340
[ 1424.900558][T18351]  __do_fast_syscall_32+0x14a/0x310
[ 1424.906301][T18351]  do_fast_syscall_32+0x37/0x80
[ 1424.911470][T18351]  do_SYSENTER_32+0x1f/0x30
[ 1424.916255][T18351]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1424.923080][T18351] RIP: 0023:0xf747d539
[ 1424.927762][T18351] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1424.948841][T18351] RSP: 002b:00000000f548550c EFLAGS: 00000206 ORIG_RAX: 0000000000000151
[ 1424.957755][T18351] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800031c0
[ 1424.966028][T18351] RDX: 0000000000000002 RSI: 0000000000000022 RDI: 0000000000000000
[ 1424.974193][T18351] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1424.982768][T18351] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1424.991444][T18351] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1424.999728][T18351]  </TASK>
[ 1425.003633][T18351] Kernel Offset: disabled
[ 1425.008068][T18351] Rebooting in 86400 seconds..