last executing test programs:

11m39.175705821s ago: executing program 5 (id=192):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b04, 0x0)

11m38.916056014s ago: executing program 5 (id=195):
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@ipv6_delroute={0x24, 0x19, 0x1, 0x0, 0x25dfdbfa, {0xa, 0x10, 0x0, 0x0, 0x0, 0x0, 0xc8, 0x6, 0x3e00}, [@RTA_PRIORITY={0x8, 0x1e, 0x200}]}, 0x24}, 0x1, 0x0, 0x0, 0x94}, 0x4000050)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2182, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
socket(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
open_tree(r4, 0x0, 0x80100)
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x48, 0x0, &(0x7f0000000000)='\x00', 0x0}, 0x48)

11m37.902954357s ago: executing program 5 (id=196):
r0 = syz_open_dev$loop(&(0x7f0000000340), 0x81, 0x101100)
ioctl$BLKGETDISKSEQ(r0, 0x80081280, &(0x7f0000000380))

11m37.282147719s ago: executing program 5 (id=200):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000226aa140070ad0001310010203010902240001000000000904000002bd22f00009"], 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f00000005c0)={0x14, 0x0, &(0x7f0000000580)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r1, &(0x7f0000002680)="e72c", 0x2)

11m35.94445742s ago: executing program 5 (id=206):
r0 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r0, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0)
connect$unix(r1, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
ppoll(&(0x7f0000000000)=[{r1, 0x9045}, {r1, 0x210}], 0x2, 0x0, 0x0, 0x0)
recvmmsg$unix(r0, &(0x7f0000003c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2102, 0x0)

11m34.396707536s ago: executing program 5 (id=212):
lsetxattr$trusted_overlay_redirect(0x0, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8, 0x1)
open(&(0x7f0000000000)='./file0\x00', 0x148640, 0x78e22799f4a46f8e)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r0, 0x0)
r1 = gettid()
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
socket$unix(0x1, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$int_in(r2, 0x5421, &(0x7f0000000000)=0x5)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
lgetxattr(&(0x7f0000000300)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000340)=@random={'security.', '\\{#)F/,@\xf6-&%.{>$.{$-\x00'}, &(0x7f0000000380)=""/5, 0x5)
sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0)

11m18.997962433s ago: executing program 32 (id=212):
lsetxattr$trusted_overlay_redirect(0x0, &(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8, 0x1)
open(&(0x7f0000000000)='./file0\x00', 0x148640, 0x78e22799f4a46f8e)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r0, 0x0)
r1 = gettid()
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
socket$unix(0x1, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$int_in(r2, 0x5421, &(0x7f0000000000)=0x5)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
lgetxattr(&(0x7f0000000300)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000340)=@random={'security.', '\\{#)F/,@\xf6-&%.{>$.{$-\x00'}, &(0x7f0000000380)=""/5, 0x5)
sendmmsg(r2, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x0)

10m22.09258603s ago: executing program 0 (id=402):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000200)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xcc}, 0x8)
sendmmsg$inet6(r0, &(0x7f00000003c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x280020}, 0x1c, &(0x7f00000000c0)=[{&(0x7f0000000540)='\x00', 0x1}], 0x1}}], 0x1, 0x20008050)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYBLOB="05000300010870"], 0xe)

10m21.096510731s ago: executing program 0 (id=405):
syz_emit_ethernet(0x3a, &(0x7f00000000c0)={@local, @random="a7d41414249a", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x18, 0x0, @wg=@data={0x4, 0xfffffffe, 0x3}}}}}}, 0x0)

10m20.196808574s ago: executing program 0 (id=408):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = accept4$bt_l2cap(0xffffffffffffffff, 0x0, &(0x7f0000000440), 0x0)
fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000480))
getpid()
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e22, 0xfffffffd, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c)

10m17.907550325s ago: executing program 0 (id=412):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000300)='GPL\x00', 0x5, 0xffd, &(0x7f00000014c0)=""/4093, 0x0, 0x1}, 0x3d)

10m16.765985757s ago: executing program 0 (id=415):
r0 = syz_usb_connect(0x0, 0x48, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000022546940fa0ae803d0990102030109023600010000000009047500038cbb2a0009050a001000010000090588"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000004c0)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000400)={0x44, &(0x7f0000000200)={0x40, 0x10, 0x2, "1501"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

10m12.11307579s ago: executing program 0 (id=427):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x54, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0xfffffffe)
futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0xfffffffd)
futex(&(0x7f000000cffc), 0x3, 0x0, &(0x7f0000fd7ff0), &(0x7f0000000200), 0x2)
r6 = socket(0x10, 0x3, 0x0)
getsockname$packet(r6, &(0x7f0000000080)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000b00)={[{@user_xattr}, {@nodioread_nolock}, {@nodelalloc}]}, 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=")
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000000080))
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@ipv4_newrule={0x34, 0x20, 0x301, 0x0, 0x0, {0x2, 0x14}, [@FRA_GENERIC_POLICY=@FRA_FWMASK={0x8, 0x10, 0x9}, @FRA_DST={0x8, 0x1, @loopback}, @FRA_DST={0x8, 0x1, @local}]}, 0x34}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r8, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x140e, 0x200, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_RES_PDN={0x8, 0x3c, 0x5}]}, 0x18}, 0x1, 0x0, 0x0, 0x1}, 0x10)

9m56.906707654s ago: executing program 33 (id=427):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x54, 0x9, 0x6, 0x801, 0x0, 0x0, {0x5}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xa010101}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
futex(&(0x7f000000cffc), 0x9, 0x0, 0x0, 0x0, 0xfffffffe)
futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0xfffffffd)
futex(&(0x7f000000cffc), 0x3, 0x0, &(0x7f0000fd7ff0), &(0x7f0000000200), 0x2)
r6 = socket(0x10, 0x3, 0x0)
getsockname$packet(r6, &(0x7f0000000080)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000b00)={[{@user_xattr}, {@nodioread_nolock}, {@nodelalloc}]}, 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=")
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000000080))
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=@ipv4_newrule={0x34, 0x20, 0x301, 0x0, 0x0, {0x2, 0x14}, [@FRA_GENERIC_POLICY=@FRA_FWMASK={0x8, 0x10, 0x9}, @FRA_DST={0x8, 0x1, @loopback}, @FRA_DST={0x8, 0x1, @local}]}, 0x34}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r8, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x140e, 0x200, 0x70bd26, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_RES_PDN={0x8, 0x3c, 0x5}]}, 0x18}, 0x1, 0x0, 0x0, 0x1}, 0x10)

9m19.256771995s ago: executing program 3 (id=598):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x0, 0x7ffc0002}]})
socket$inet6_tcp(0xa, 0x1, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
membarrier(0x10, 0x0)

9m18.53021768s ago: executing program 3 (id=600):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000800)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x5}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x2004c800)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x40, 0x2c, 0xd27, 0x30bd29, 0x25dfdc03, {0x0, 0x0, 0x0, r3, {0xffff, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0x1, 0xffff}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000010}, 0x0)

9m15.968496781s ago: executing program 3 (id=607):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="05000000110000000400000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYBLOB="0200000001"], 0x48}, 0x1, 0x0, 0x0, 0x40004}, 0x8000014)

9m14.231675009s ago: executing program 3 (id=610):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = accept4$bt_l2cap(0xffffffffffffffff, 0x0, &(0x7f0000000440), 0x0)
fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000480))
getpid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0xdea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e22, 0xfffffffd, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c)

9m13.233569686s ago: executing program 3 (id=613):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1206"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x50, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x20, 0x1313f, 0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r0, 0x4010744d, 0x0)

9m9.607517856s ago: executing program 3 (id=621):
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x4, 0x8001, 0x0, 0x80000000b49, 0x200000000002, 0x4, 0xa, 0x3}, 0x0)
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r1 = dup(r0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0)
sendfile(r1, r2, 0x0, 0x8000fffffffe)
ioprio_set$uid(0x3, 0x0, 0x0)

8m54.182847307s ago: executing program 34 (id=621):
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x4, 0x8001, 0x0, 0x80000000b49, 0x200000000002, 0x4, 0xa, 0x3}, 0x0)
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r1 = dup(r0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0)
sendfile(r1, r2, 0x0, 0x8000fffffffe)
ioprio_set$uid(0x3, 0x0, 0x0)

7m56.052730815s ago: executing program 4 (id=931):
syz_mount_image$iso9660(&(0x7f0000000fc0), &(0x7f0000001000)='./file1\x00', 0x0, &(0x7f0000000d80)=ANY=[], 0x3, 0x7c3, &(0x7f0000001040)="$eJzs3U1sHHcVAPA3xm5cVwpVQSWK0nSSFCkRwd1dty5WL2zXY2dae9faXaNECJWqcVBU90ONKmgOtLm0fApx4lh6rXrhhsQBiQNwQqIHLhyQKvWEikQlBEJIRjO7m6wdf6WxY1p+P6v7n5158583s9N5O5vdmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAImnMVirV5HBELJ9Pt9aYbbcWt5k+6O/X65ptlhuRFP/F+Hgc6Y068vkbk+8vHk7Gsd6zYzE+Mphw7+OfGx0ZzL9NQh/XiV3GJRGvFwmNPrO6uvLyPiRyB/3gV7c8y7/Wisf5rJl3WvlifT5L804rnZmerjx8bq6TzuULWedCp5stpo12Vu+22unpxpm0OjMzlWaTF1rLzfnZ+kI2GPnYl2uVynT65ORSVm93Ws2Hn5zsNM7lCwt5c76MqVW+HUXMY8WO+FTeTbtZfTFNL11eXZnaKdUiqLpuzKF1O86xh+794JX3P7q8UuyQW3WS9Pe/WrVaq1WnH5159LFKZbRWqa0fUdkgrkfESEQRsS87LZ8ge3Tkhts3UtT/j5KIhcijGctxPtJIY6R8vPE3FuMxG+1oxWLx/E9jG6bfVP+/+PDf/rDdcofr/6DKH7kx+WiU9f9479nxGC+a8bh6z7r6XxyUN+axf3/Nd3vZDI+7Eq/G1XgunonVWI2VePkO5vOx/kb2tr/5yKIZeXSiFXksRr0ck/bHpDET0zEdlXg6zsVcdCKNuchjIbLoxIXo/HC0/3o3oh1Z1KMbrWhHGqejEWcijWrMxExMRRpZTMaFaMVyNGM+ZqNe9nIpLpfbfWpDXvd/95vJ63/84K1i+HpQdZsVSYo3c0XQ37cJ6hfzB2NX9f/u/rqtj1D/P23G+6/zbuP34rANe2KtPP8fPeg0AAAAgH2UlJ++JxExFg+UQ3P5Qvb1g04LAAAA2EPl95qPFc1YMfRAJMX5f2WTyPfueG4AAADA3kjK39glETERD/aGBj+X2uxDAAAAAOATqPz3/+NFMxHxWjnC+T8AAAB8ynxv6Br7MXyN3ffv6l+jt7N0KPlMP3rp/EPJ8/ViqP58f1y/+dr1HrtzR5PD/U7KZnr06j1JRIw2smPJ4OqX/znUaz8sezh64wKEG/O4fq3fdnssubZ1ArF9AuWz+FGc6MWcuNhrLw6m9JYyMZcvZJON1sLj1aT/4Uj3lRcufyeiWPr3m4uHk7h0eXVl8tkXVy+WuVwrern2fP/y8Mkt5LLW3wLxwOZrPFb+EKO/3InecivD69+/JcLI9stMhpf5RpzsxZyc6LUT69d/vFhmdfLxatTrh0e62fnuK2tDa9/Ponqba/5GnOrFnDp9qtdskkVtXRYv3JxFbTiL3W2LXWfx1onXzv/jt60km9opi6nbzALgoFwqr/pzowrdXVahf6/1FPV/Q90dXNX8lo5yl268yxjMP1TrRmNvqvsbcboXc7r3fmL06CZ1pbLJEf2lyy/9rn9Ef+Sdn/38G8d//4utq9tasn0W78SZXmC/ift+c1MWRRfVcsv+eENVfbuY4+0tq2pnoZbEWIz0pgwmr3xr5YVabWq68kil8mgtxsq3Cv1G7QFgE1vcYyeS6/fo2fkuPI9sflYdg4p33/WvFEzGs/FirMbFOFv+2iAiHty814mhryGc3eGsdWLoDi9ndzi3vBFb2xh76FQSW8RODW2xL/y0bP65f68JAOy3kzvU4d3U/7M7nHevr+VnejfOHZwdx9a1fDNf2e8NAgD/B7L2h8lE982k3c6Xnq7OzFTr3XNZ2m41nkrb+ex8lubNbtZunKs357N0qd3qthqDD45ns07aWV5aarW76VyrnS61Ovn58s7vaf/W751ssd7s5o3O0kJW72Rpo9Xs1hvddDbvNNKl5ScW8s65rF3O3FnKGvlc3qh381Yz7bSW241sMk07WTYUmM9mzW4+lxeDzXSpnS/W29ciYmF5MUtns06jnS91W70OB8vKm3Ot9mLZ7eTNq//XO729AeB/wZVXrz73zOrqysvrB9aSjWM2H/jzLmKuRKwd9GoCAEOGq/T2fF8MAAAAAAAAAAAAAAAOys0/1yvG7viTvuGBsbiF4A0Dh+LjzPXpHfjSu72XZS86vJ1+7l73mt7V31kOfvvc4sBn+4lvHvPEa0fO/SWL2Lmfzf9PuXLPTXtvvHk44q5f/qQ35qt3ak3fi95axOgtzb6WbBNzIIcjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjWfwMAAP//kMJLew==")
r0 = syz_usb_connect(0x0, 0x36, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, &(0x7f0000000100)={0x40, 0x0, 0xd2, {0xd2, 0x20, "fb82359a4e78ef83e628070d0bd64d7871c1c3daa7f2db52c4e311d469a1205c967c4522ddb26dc34fb7bbcf41c86122d780e201d86bb1a891f77f7cec51dfada6e1a7e4e43133c8aa5161b1dc637d3b2067c590d793388431dfd61ef13c3dc7661dc81a44b20180e47dae6a96b931382e129038d935e3cf238313a36ad2e44c013285e96a2e15ab26dd4e83bc15aec61571d81249ca7dfc74cc72be455fb8ca7bc6a5f5d0ec5502669dee0399aa3f4e85bdc8986dd07a513b9d1327988cafef4acac4c418063f2f61151fd85194a224"}}, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x2c0a}}, &(0x7f0000000080)={0x0, 0x22, 0x13, {[@global=@item_012={0x0, 0x1, 0x6}, @local=@item_012={0x2, 0x2, 0x8, "9e9f"}, @local=@item_4={0x3, 0x2, 0x0, "7a03418c"}, @main=@item_4={0x3, 0x0, 0xc, "ed0c2c98"}, @local=@item_4={0x3, 0x2, 0x4, "937b041d"}]}}, &(0x7f0000000200)={0x0, 0x21, 0x9, {0x9, 0x21, 0x81, 0x6, 0x1, {0x22, 0x7d8}}}}, &(0x7f0000000540)={0x2c, &(0x7f0000000340)={0x0, 0x9, 0x5f, "60742072e7febf9150b47e1fc97e09003691321af42ad812247236d47ba6bc4a22976c6c0b445a9f6b904343b49443bbf775c2d043cb6665820c52ed254d878a77c8267890240092622f609db16ce80737790378dd9e31e771e77512e6ec96"}, &(0x7f0000000440)={0x0, 0xa, 0x1, 0x9}, &(0x7f0000000480)={0x0, 0x8, 0x1, 0x8}, &(0x7f00000004c0)={0x20, 0x1, 0x29, "686996a849d4fc6ce9beb4dfd68d222240283a6b4a1df4b472e3d77a41419075bb86c1923af3a5e8a7"}, &(0x7f0000000500)={0x20, 0x3, 0x1, 0xfd}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_buf(r4, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4)
sendto$inet6(r4, &(0x7f0000000800)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e612721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ec3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a068e9607f57f626a5b8d476636ef1ee76307524009ae49be402000000000000001e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408074c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dfff01a9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669cabc206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb252f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2e02fad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea093680ffffff802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c59d88a29af5886c1f5dfc6837c58aaef12a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e2cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe90400fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97107339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f40029d7cfcaf26fd1900d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60e7222697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20d4774d66c5ae270adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5207cc9bb8d686982c2f158e0d8f5c7ec6cbfd500"/1453, 0x5ad, 0x0, &(0x7f0000000080)={0xa, 0x5e20, 0x3, @mcast2}, 0x1c)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000000)=0x498, 0x4)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
r7 = openat$cgroup_subtree(r6, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
ioctl$BLKIOMIN(0xffffffffffffffff, 0x1278, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000040), 0x0)
recvmmsg(r4, 0x0, 0x0, 0x40000000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x1c}, [@ldst={0x6, 0x0, 0x6}]}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94)

7m52.696556232s ago: executing program 4 (id=945):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x10}, 0x1, 0x0, 0x0, 0x4000840}, 0x28000)

7m52.035435021s ago: executing program 4 (id=952):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='dctcp', 0x5)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x204, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000280)='2', 0x1, 0x24010045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
shutdown(r0, 0x1)
getsockopt$inet6_tcp_buf(r0, 0x6, 0xb, 0x0, &(0x7f0000000000))

7m51.432862644s ago: executing program 4 (id=956):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
r0 = syz_open_dev$sndpcmc(&(0x7f0000000080), 0xb, 0x2)
ioctl$SNDRV_PCM_IOCTL_PAUSE(r0, 0x40044145, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
mount(0x0, 0x0, &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x810\x8f\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w\x00\x00\x00\x00')
chroot(&(0x7f0000000080)='./file0\x00')

7m47.470418818s ago: executing program 4 (id=970):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1f, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8969, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000480)="97d0dc", 0x1, 0x0, 0x3}, 0x50)

7m46.927121846s ago: executing program 4 (id=973):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f00000001c0)=0x40)

7m31.530160092s ago: executing program 35 (id=973):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000180)={&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, &(0x7f00000001c0)=0x40)

1m34.536018316s ago: executing program 6 (id=2747):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000004001000ffff21000b000000"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000200), 0x2, r3}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000080)={0x0, &(0x7f00000001c0)=""/40, &(0x7f00000001c0), &(0x7f0000000200), 0x1, r3}, 0x38)

1m32.455172168s ago: executing program 6 (id=2750):
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
creat(&(0x7f0000000140)='./file0\x00', 0x0)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
symlink(0x0, &(0x7f0000000100)='./file0\x00')
umount2(&(0x7f00000002c0)='./file0\x00', 0x4)
mount$tmpfs(0x0, 0x0, &(0x7f00000001c0), 0x0, 0x0)
setxattr$system_posix_acl(0x0, 0x0, &(0x7f00000007c0)=ANY=[], 0x6c, 0x2)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb2, 0x0, 0x0, 0x10, 0x5}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300))
ioctl$DRM_IOCTL_SET_MASTER(0xffffffffffffffff, 0x641e)

1m31.157678579s ago: executing program 6 (id=2753):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000180)={'pcl818\x00', [0x5c21, 0x3, 0x1, 0x2, 0x2, 0x7, 0xc, 0x7, 0x5, 0x800, 0x6b5b, 0x2, 0x3d, 0x403, 0x6, 0xc, 0x1, 0x0, 0x3, 0x40400003, 0x8c, 0x1007fff, 0x6, 0x5, 0x8004, 0x8, 0x2, 0x8, 0x8, 0x1]})
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb2, 0x0, 0x0, 0x10, 0x5}, 0x94)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r5 = syz_io_uring_setup(0x110, &(0x7f00000003c0)={0x0, 0xfad4, 0x10, 0x1, 0x7}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f0000000480)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r5, 0x133d, 0x3e000000, 0x8, 0x0, 0x0)

1m29.716871534s ago: executing program 6 (id=2756):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="01002abd7000fcdbdf2507000000080001000100000008000500020000000a00040077"], 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x0)

1m29.461532472s ago: executing program 6 (id=2758):
syz_open_dev$sndctrl(0x0, 0xe0, 0x10400)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
read$watch_queue(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0, 0x51, 0x0, 0x1}, 0x28)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/cpuinfo\x00', 0x0, 0x0)
read$FUSE(r1, 0x0, 0x0)
pread64(r1, &(0x7f0000000000)=""/49, 0x31, 0x8)
socket$inet_udp(0x2, 0x2, 0x0)
getpgrp(0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
read$char_usb(r1, &(0x7f0000000000)=""/133, 0x85)

1m25.767654772s ago: executing program 6 (id=2761):
socket$packet(0x11, 0x3, 0x300)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140), 0x200002, 0x0)
r1 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
rmdir(&(0x7f0000000040)='./cgroup/../file0\x00')
write$cgroup_subtree(r1, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x1534c3, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000640)=0x1)
ioctl$PPPIOCSFLAGS1(r4, 0x40047459, &(0x7f0000000080)=0x40)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/comedi4\x00', 0x2c00, 0x0)
ioctl$COMEDI_INSNLIST(r5, 0x8010640b, &(0x7f0000000100)={0x1, &(0x7f0000003780)=[{0x6000004, 0x0, 0x0, 0x7f, 0x10001}]})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x40505330, 0x0)
r6 = syz_open_dev$cec(&(0x7f00000000c0), 0x0, 0x82002)
ioctl$CEC_S_MODE(r6, 0x40046109, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000280)=0x2)
syz_open_dev$usbmon(0x0, 0x7, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c0000002000010000000000fcdbdf250a805f00000000001a000309000017004e234e2714000200fc02000000000000000000000000007eb907690020010000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r8 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x20101, 0x0)
ioctl$SNAPSHOT_ATOMIC_RESTORE(r8, 0x3304)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)

1m9.032833169s ago: executing program 36 (id=2761):
socket$packet(0x11, 0x3, 0x300)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140), 0x200002, 0x0)
r1 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
rmdir(&(0x7f0000000040)='./cgroup/../file0\x00')
write$cgroup_subtree(r1, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x1534c3, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000640)=0x1)
ioctl$PPPIOCSFLAGS1(r4, 0x40047459, &(0x7f0000000080)=0x40)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/comedi4\x00', 0x2c00, 0x0)
ioctl$COMEDI_INSNLIST(r5, 0x8010640b, &(0x7f0000000100)={0x1, &(0x7f0000003780)=[{0x6000004, 0x0, 0x0, 0x7f, 0x10001}]})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x40505330, 0x0)
r6 = syz_open_dev$cec(&(0x7f00000000c0), 0x0, 0x82002)
ioctl$CEC_S_MODE(r6, 0x40046109, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000280)=0x2)
syz_open_dev$usbmon(0x0, 0x7, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c0000002000010000000000fcdbdf250a805f00000000001a000309000017004e234e2714000200fc02000000000000000000000000007eb907690020010000000000"], 0x4c}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r8 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x20101, 0x0)
ioctl$SNAPSHOT_ATOMIC_RESTORE(r8, 0x3304)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)

35.964188353s ago: executing program 9 (id=2853):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000340)=ANY=[@ANYBLOB="f8000000190001002dbd70000000000000000000000000895fa6270000000000fe8000000000000000000000000000bb0000000000000000", @ANYRES32=0x0, @ANYRES32], 0xf8}}, 0x0)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r1, &(0x7f0000000280)=[{{&(0x7f0000003e80)={0xa, 0x4e22, 0x5, @mcast1, 0x6400}, 0x1c, 0x0}}], 0x1, 0x4008810)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
r3 = getpgid(0x0)
r4 = syz_pidfd_open(r3, 0x0)
pidfd_getfd(r4, r4, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r6 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
pipe2$9p(&(0x7f00000003c0)={<r9=>0xffffffffffffffff}, 0x84880)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000380), 0x10800, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@directio}, {@posixacl}]}})
r10 = socket(0x10, 0x803, 0x0)
bind$netlink(r10, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r10, &(0x7f0000000600)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r11, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r12 = socket(0x1, 0x803, 0x0)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r7}, @IFLA_MASTER={0x8, 0xa, r13}]}, 0x44}}, 0x0)

29.97672657s ago: executing program 9 (id=2860):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b943", 0xc5}], 0x1}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)="bf", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000800)="cc5a4dbac0affd0a979c63ea8352d608a51fc8625318716ddf62b7752be4540c4ac7d344c53a3ad28313abc2437b60b03c0e587cafcf9a435bf90c618351f70a828238fdf90bc5d36c7d614b82552649954e0185662defd28f78449f073bad544f586136c5076a6f0f1b6fc9adf80557eb44db1b41824e9ef104c95e999766bbf27d74ad5d8fa63210cde65d384dd3e87c1fedaec3144d1ee66a0eb0750363e346cb930dae6109df6b9955bf8af119b5c9a86622af4ff8b5949fb90f8edbde416d046d61512fe4c453bb601a780e1bbc00dbedc5e50d3cd9bc920810eaefd5f9a171e9d32ab46b42e3e78c60087318bab42e94653cbdd600fba37c5a31d095500e91d02256f101e82447e34733220cdaaabc947f5b815080b5214c94a06fe96450ea42f48006c032b24d9e8d722841b7c7244b1d2cc012fcda1f7472fdbabb673ef862e32b359fad715b3f5cef6ef951abab80a4a0f5f8574395c5820fa25d07a119e23b39a87cb3b763fbfb0493121eec3e05eacbe7835e79e74881d1179013622a2a6421d51c974e6abd48a9882c8fcadbcee369346a9ad948fd5dd8f87496a30a9d888cdbcee8f3592dd69165358c4cd474639fc13300317b7fed115fb9818b20d177a39157101dbd8e23bc9ed32efed96c410a103d35336f", 0x1da}], 0x1}}], 0x3, 0x2090)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

28.148353357s ago: executing program 9 (id=2865):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt(r0, 0x84, 0x7f, &(0x7f0000000240), 0x0)

26.233305442s ago: executing program 9 (id=2869):
socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6a72c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x45885, 0x80, 0x0, 0x8}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r3, 0x3596, 0x0, 0x49, 0x0, 0x0)

24.106342483s ago: executing program 9 (id=2871):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000340)=ANY=[@ANYBLOB="f8000000190001002dbd70000000000000000000000000895fa6270000000000fe8000000000000000000000000000bb0000000000000000", @ANYRES32=0x0, @ANYRES32], 0xf8}}, 0x0)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r1, &(0x7f0000000280)=[{{&(0x7f0000003e80)={0xa, 0x4e22, 0x5, @mcast1, 0x6400}, 0x1c, 0x0}}], 0x1, 0x4008810)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
r3 = getpgid(0x0)
r4 = syz_pidfd_open(r3, 0x0)
pidfd_getfd(r4, r4, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r6 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
pipe2$9p(&(0x7f00000003c0)={<r9=>0xffffffffffffffff}, 0x84880)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000380), 0x10800, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@directio}, {@posixacl}]}})
r10 = socket(0x10, 0x803, 0x0)
bind$netlink(r10, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r10, &(0x7f0000000600)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r11, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
r12 = socket(0x1, 0x803, 0x0)
getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r7}, @IFLA_MASTER={0x8, 0xa, r13}]}, 0x44}}, 0x0)

16.462779687s ago: executing program 9 (id=2882):
openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x20800, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00'})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffdffffffffff, 0xfa11, 0xffffffff}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioprio_set$pid(0x2, 0x0, 0x2007)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x5dc, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
io_uring_setup(0x1684, 0x0)
syz_open_dev$vim2m(0x0, 0x8, 0x2)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x800)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000b80)={r6, r5, 0x25, 0x0, @val=@netkit}, 0x1c)
syz_emit_ethernet(0xfdef, &(0x7f0000000400)=ANY=[], 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {0x0}], 0x2}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)

16.181418957s ago: executing program 8 (id=2886):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x40000000015, 0x5, 0x0)
close(r3)
fcntl$setstatus(r2, 0x4, 0x800)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000300)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {0x0}], 0x2}], 0x1, 0x800)
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

15.012513558s ago: executing program 8 (id=2888):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c0001400000000000000008080004"], 0xdc}}, 0x0)

12.742951015s ago: executing program 8 (id=2894):
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
ptrace$ARCH_GET_FS(0x1e, 0x0, &(0x7f0000000100), 0x1003)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0x756be000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYRES32=0x0, @ANYBLOB="0400000200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000001aa30000000000000000000000260bbc0000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000640)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000f6ff00007b8af8ff000000000000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300007f22c4c6e3df645221e8f1c636d72375c0671cdc0f08525592a1e3d6313b937cffbbee2d4ce179f16731ad70cfab07e0630a0be4d20bcf71aa10b4502bc3638b2dffbf0d0a652ffcc216fb1a6a375bbfbd30478a7c161d45ec0ddbd5e5f19608bb19e34decb078a62ffeb0", @ANYRES32=r4, @ANYBLOB="0000000000000000b70400000800000085000000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r5, 0x0, 0x27, &(0x7f00000000c0)={@multicast1, @local}, 0xc)
setsockopt$inet_msfilter(r5, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e0000001ac1414aa00000000"], 0x1c)
setsockopt$inet_mreqn(r5, 0x0, 0x25, &(0x7f0000000080)={@multicast1, @local}, 0xc)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r0, 0x0, 0x0)
r7 = openat$cgroup_int(r6, &(0x7f00000001c0)='cgroup.max.descendants\x00', 0x2, 0x0)
sendfile(r7, r7, 0x0, 0x81)
setsockopt(0xffffffffffffffff, 0x84, 0x7f, &(0x7f0000000240), 0x0)

10.857362482s ago: executing program 8 (id=2896):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r2, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000640)="985e44efeabe001cabcf3d8673c3a254a9a2d3197970cb347b70a243bf77139a94bc3ae91684aaf7b7dff691deb8f8aef2d915fb3a0794a9a9b431a819bca6122c350637808dde804a048fd8696e524b2934126c443ce93d82e931eb9918e6c0827686e59209d2e02c9210fd8048f04ad6c42200fd9232f5aa6a361816bf21afb8473a064f1988536d4b5888807b3aaafaf59f53121782a0a9370dc0feae13c8c2a1dcc8a3122aaa3dcd5b9247a915378e6492e5b94073dcdc87e7c794fb262a7e9ee0b9432f74331c6e9412ac6557c54c6ac72bc24ff70ca2f8", 0xda}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{0x0}], 0x1}}], 0x2, 0x2090)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r2, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
execve(&(0x7f0000000040)='./file0\x00', &(0x7f00000005c0)={[&(0x7f0000000ec0)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01', &(0x7f0000000180)='\x7f\xbf\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01', &(0x7f0000000380)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01', &(0x7f0000000080)='\xf6\x98l_\xf5<\x1a_6:', &(0x7f0000000480)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01', &(0x7f0000000bc0)='\x7f\xb7\xc3\x7f\xa5a\xd6\xd3\x18\xd0\xe0\xd8R\xf02b\xefA|uiWb\x8f\xee\x1ch\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l\x00\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xe5\x9ez1b\xf1\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C$h|\xcbZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf7\xccMr\xc5\xbdT\x9e\xd4\x84\x06\xcd\x8b\xcd\t\x01\x11\xbc\x86<\x8b\xad\xc4\x80B\xce\x86\x86g\x92\x92w\x89\xfe\xba\xbeeC\x96Ad\t\xc2\xc8\xed\xf3\x1e\x84Ot\x12`=\x98r\x94[\xc8\x91r\xbaG3\xd6a\xca\x05\xd5\xec\xfd\xfa\xaa\xa1\xa7\xcc\x85\xf5D_\xb4$r\xca\x8f\xcf[T\xb9\x0f\xaf\x00\xbc\xa4\xba\xb6=]\x8a\xfb\xaa\xdc+\xbe\a\x06>\r\xe5,i\xa2\xa8\xa2M\xc7\xfb\x11\xd1U\xe5H\xd6\x1b\xf7\xf6B\xcbG\xe4\xe6\xc3{\xf5\xf9_F\x02\x8ah\x15G`+\xf9\xb9\x95V\xa3\xb0\x1b\x0e\xafle%/K\xbb\x9d\x17\xde0\xc2\xa41\x9aS\xe6M\x1e\xb9\xc9\xe8\xf7i\x02e\x8c\xce\xa9\xe7\xc9\x13\xa4\xe8\xf4\x1c\xff\x82\xe13\x89\xeex\xb5\xcf\xce\x108j#\xabH\xc3RU\x00M?\xca\x9c\xefT\xaaJ8*\xe0S\rV\x9c\xaf\xb3yh\x15\xa2\xce>>f\x16\x8d(\xeaot\x83\xe5\x13\xf2bA\xc1O\xbb~\xe5p\x83\xb3\x9d\x1c}\xe7\xd7\x811\x15\x9eP\xea\x00\x00\x00\x00\x00\xfd\x8c\x96\xebw\xdeg\"\xe4\xf6\xfc\x96N\xaf>!\xd9\xaf\x1be\xfa\xedJ\"\xab\x18xK5?\xec\xa0\xc2<\xa8\xdbo\xb1l\nn\xdb#\x97\xbcd\x0e\x93\x9e\xea\xb9\x9d-\xb6u\x7f\xe0\xa6\xef\xb4#\x1b@N\x04\xa0s\xa0\xe1\x90k8\xc3\r\xd0\x1b70b\xda\xe5\xb0\xa8\x01\x14N\xcf\x8dJ\xad\xc69\v\xbc[\xec\x97\xe7\xb2\x90j\xbd\xb1GX\xf2\xed\x15\xceK\xac\x19`a\x1e\x15\x90\x8d\xf4r\xd4Q\xd5\xc19|\xf7\x99\xed\x0e\xaf\xf7\xefR\xa6\xd0:\xe2yB\xfdpG\xf5\xc5\x919\x0f\xfa\xd1R\xc7\x8b\xbc)l\x11\xa8h2V\xe8\x1a\xf7\x8e\x14\xcbF\r\xa7w\xd3\xd3\xb7\xa5\x88\"\xa8\xa4>\xf0*\xbeM\x02\xf0i\x10m(7\xb64\xf5\xa1aZ\x16^\xde\a\xfae\xae\xe7{1\xd0\xa2\t\f\x85\x98\xdaK4]Hi1J\x95\x0e\xa37\x86ch\xcb\xeb\xbfq\xc6\xd3\x98\xd3\x8c_R\xe4oN\xa7\xab\x03\x1c\xc5}\xf1\x92\x82\xe3\xa5~jy<\xf7T\xaf\xabYQ\x82EI\xf0P\x96', &(0x7f0000000000)='\xc1r\x9dnyb`\x00\xa2\xabCg\x13\b\x8f*\xdaA\x822\xf7\xaf\xf6U\xad\xb0\xb2\f\x88s\x19\xa3D\xa9\x82\x8a\xa3\x94\xab\"|\xcf\x1f\x12\x8d\xe1\xe5\xc3\x01\x03\x003\xa9p^\x01^\x16>tnF', &(0x7f00000007c0)='\x00', &(0x7f0000000900)='\x01-\x00\xb6\xb7\xe1\x7fl\xd5\xf8G\xfdQ=\xc3\xd4\x02RP\xb2\xbf\x99\xfc\x10\" \x93)\xc5\x93\x98\x11\xe0\xd4\x14\x9a\f#LU\xda\xeb\f\x03\xa4\xf7\x85\xddYL\xf7\xf2\xc4\xff@+\x04^\xcc\xc8\xa1\x9f\xa7p\xd2\xaa\xa2^\xa6\xd1\v\xd1\xdd+o\x91\xc8\x90\xeebUCE\xdc=\x89\x86\x81S\x038', &(0x7f0000000840)='\x10!%{@{+\x00', &(0x7f0000000880)='.-\\:!\x00\x00\x00\x00\x00y\xa5\x91\x9d:)\x0f\x9d/\xf8\f\xad\xdb|\xcf\x1cHB\xc8\xa3Qo{\xc5|\xa5z\x0e\x0f\xdee\xc2>\xb6\xfe\xeaZ~\xa3\x15\x16l\x00', &(0x7f00000008c0)='-\xf3\x00', &(0x7f0000000980)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01', &(0x7f0000000780)='.-\\:!\x00\x00\x00\x00\x00y\xa5\x91\x9d:)\x0f\x9d/\xf8\f\xad\xdb|\xcf\x1cHB\xc8\xa3Qo{\xc5|\xa5z\x0e\x0f\xdee\xc2>\xb6\xfe\xeaZ~\xa3\x15\x16l\x00', &(0x7f0000000a80)='::-$[]#:{\x00']}, &(0x7f0000000b80)={[&(0x7f0000000800)='.-\\:!\x00\x00\x00\x00\x00y\xa5\x91\x9d:)\x0f\x9d/\xf8\f\xad\xdb|\xcf\x1cHB\xc8\xa3Qo{\xc5|\xa5z\x0e\x0f\xdee\xc2>\xb6\xfe\xeaZ~\xa3\x15\x16l\x00\x00\x00\x00\x00', &(0x7f00000000c0)='-\xf3\x00']})

10.369431462s ago: executing program 2 (id=2899):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0800034000000014480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c0003801800008008000340000000020c000440000000000000000b14000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="440000000d0a010800000000000000000a0000010900020073797a31000000000900010073797a310000000018000380140000800800034000000002"], 0x44}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)

9.932323209s ago: executing program 2 (id=2900):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x40000000015, 0x5, 0x0)
close(r3)
fcntl$setstatus(r2, 0x4, 0x800)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000300)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {0x0}], 0x2}], 0x1, 0x800)
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

6.844696666s ago: executing program 2 (id=2903):
r0 = syz_open_dev$video4linux(&(0x7f0000000480), 0xf, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r0, 0xc040564b, &(0x7f0000000000)={0x9, 0x0, 0x6001, 0x7, 0xe70b, {0x6}, 0x1})

6.607501999s ago: executing program 7 (id=2905):
syz_genetlink_get_family_id$l2tp(&(0x7f0000000680), 0xffffffffffffffff)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x2f00020b, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x7515, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="220000000400000010000000"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x10, &(0x7f0000000100)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3264}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x76}}]}, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)

6.515713854s ago: executing program 2 (id=2906):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a3200000000140000001100"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a90000000060a0b0400000000000000000200000064000480600001800a000100696e6e65720000005000028008000240000000840800034000000007080004400000000f08000140000000002c0005800c0001007061796c6f6164001c00028008010440cb362374cc5b0377000000b9080002407ffffffe0900010073797a30000000000900020073797a32"], 0xb8}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

6.169374475s ago: executing program 7 (id=2907):
r0 = syz_open_dev$radio(&(0x7f00000000c0), 0x3, 0x2)
r1 = dup2(r0, r0)
syz_fuse_handle_req(r1, &(0x7f000001fd00)="c351d85125eaaa5c15332f0bfe0a462713550cbd5f86a0e33940d0befa7c6f9a16c7536908372f9c091bc95aec3fc5e436416b5a11018fb255cd509b4b443c1b6967a679ccdbbd456fa46115ca60b03342c03204f080b84a525d42869a72d4e9270460ea686348d8a41501c8145e6cfeee17b52261ecf169f4393274f9475c5186313634a89300240f0759e7342887bce34813ea6b1e143e049e903a5546f8d2a774d570790556bef58588adf79ebce9519545074a8668e2b52f8a9b197872e19d32187d4966cfd5dbb138a5e75637640968b339ab02906f31c9584ece58267c80e967c366da2eeb965b78e73099c1d7bbb544ea2a4e7808af1d5b4d0ecf33373d7ca643616a8268546f3d0cb1af572fb8f25b2200caf4d7262dfd00089115c22cf0885581b802c4a99db3d869ed68b15e284983c5b4dd49d3879254faa9d382ad5126fd78c72ff00b391e8e0f8531e415bb020472ff862208ed8d41c5af0766cc5adeb20f59c022ca974dc9134aca8e86a15e927aace116f2c10a900e2d8837155ac0e91cb5f5f72bbfccdaf2591c6190682703bf1431d408c2d082dbd5bb3d699fe0d33f93242bbd6897ed7133dc281940db2fb74b002bf589de9056b60c627abf50762cda383f53297cd534ff156fda6bb9abe13cc9eb09669f7f1d7102ff0bd7fab9c3a02b96628265f5f303804bdc72aa732fc2aa489d69131722693d9a2751cd21340f8059489e2e344063969f08c1bf078ac9d17859e46396312738925d6e7ab1a643f305f677d9fdc40f61e3cbde8b3251f31032c4154ae0bfea447ac98b66b32819c4da38a761ec572200fc20a15b2e3ceddf4ffbf0ad45b08d15f436ed0c27ef1c5c9c5538f98b4b0cd61abcd9173e39b03dfa639a55484582e5e055da0b67caaa48eb31bc1bf6d0d412bf7981b5d1ebab674bc47c5a181e2e7585c936e1f4df7c5aa17869d89ae28b08fdfe9ba4d153f8de7789ffee325f461c042d792b43930023a441f751f3efc3b5fa7a30e1b2621d442c78859e761c90509ba010a0613ee161d9f2624dd3a7a42ee6471ec166d8d7df3035f2bdbb3cebd627c0b2e324788681a0ce25170ab6df538e2f6d5917a89df23588d33947adb34434d1213e086e599ead29918a4aed688b42fb10a726b436b324cf4fc5a856eb8be1cd33a2f20c80dfa68d3dfc7b7a81c1ff2f0e759001a02274f794f46fbc8a593d78c6e4bc99be5634be39fd5ef507bdcde6910f0df2e3f482c95338021d60ce030a442e99f73b74e7981673bf35ae3444099e5dd01ba8f31b72c410169fa356bf11a07e2d991a9b7284e20a699e4f128a41cb3b54f3669f638f06ab9e4aeaf2d558dc4eb32a141aa90ed6c8017d2ad4a3a58b0ca5f0741616654b87602078faca553b19fd6758156feb455f90d039f1e003c8145f7670b66a9bc3e429a962e2978527f200fafd039c98cce02eee1814ef689be19a6f79b17729acb56dc1c241ce4e80e385f2e0dc455f05a86e47c2221fa08acc1f453844a714c810a8bbef689619f6ca6ac7e0cd15a73545b8abd636685378a6d2b4b7c87c0fa1541fe5b71ce951fd30aaa081f96a1225c835d2522962fe37cd6e856a36af1921cf2e852e9a1a3c6143b651e6e9ebfaa350fd117f449ae29676808d076d39fce2f733a97928fdcf6f5286e9df822cc3d3b068389f9f76616cceba1a796997633128bbf6b34448784ef22a715002f59b8992f6aa2104aeaf6f1b8863680e7d44641e0e84620b297db0f3d650385f48d2814257343337734c0a0d04a9cea3d9eb465d7dbe45bfbb16e5bcf3dcd0122ed4745dc7b5b160e0332af945f9d9748c9b87ff3f740b1c416993df759b931ef36e7b9fa53076bdbcfe303246a2360c55cbfd7bc5fe975dc32f40eb0b01a611370a619cb84ce9d6afb5db5da242a610020865f181a482fef61a369c1f58365797a127ab0bfe38464b56aa14d84792b7823e4c6d75e81787fb843d403bc824176041a46cbd971170962ae387f8ec040ab83abf4ba6e89d6012cd858883006caefb77f85e71b46b79580c440053270c5379c0b7436cf292dc183d4529677970ad28d160901dc2b4812bda885be50d66d3cb48d48baf5778250ff3de0912c3d84fa793b72353bdb8a614c8db810e7e4454d20ce297e1fb8bf24913ca37a61e454128bcf6affbcdd1d000865139b0597b33a1347f12a7b1a887b8bd82de245a1382826264897c6a48aec2cd7539cfeab1a9843ff6dbc01d2a4113f8182e9a9fb8a6f79b2a8e4bfff077618b43a0627cb711adfaef8b451a2f815cd7a7dc579f4542a9cfe894df99b8716692fcd10c980aad814457946dcd400794cc3a2f07b824d81688e6bab4380b372785515d85730dcc2b29524c27adffa8898df44e4fd8ba1ab2ee7f78f77d1f05b48a73583d3bc9e9be9ccb174328d154cb553cefa1d52177669f88ed16bf1cf4db500ab4afd2b020c64aa08f164c5dcebd8c1e3eaccbf651cd6f99d29d2e9c1307a66a5e961a31124b8a8beacccde6b675841a616bed007017a6bc4bcf819b0153b5e185521f88dda45ae4b1a6af111a484e797cab005c70ce2ac776bcc9b6573728d80a428c6991c7e681730dde75722b73c04b89084af97b05814e0ff3559e8d1d051cd7694291913df8a84d91beab8e4648377c328fe6e52158b640f77b0fb586d0edd53114d2de31ce2808ebb6fadbfa72716ca0b7fd1bfde4fdc4e48bfc06c5ff81d23ec579a31403acb84c95ce6667715d5f2c8544d68dc50a991183af5d65ea9790f5e9bc2217df011d797b151feb2792b07393618ae548d6167c6e1daa756a1537348ca3b5b20cfed62e4618791990467dd3ea10616ab65e2727bcf3f8a014162bb0d6af8b8dba3fba3a8faee08d2fed5f03c82c8944e8fc9f37473ec3ba846e8877417931cfe9283e625eb43f99de49fec2cdb0ae05ea02745b303cf5d1aa5e8911d427b9a3b676cd35eec64a1531ebcd1adb10257e0ad431c684893b06f4cec9ce5c1c065e9d63499ae69eb25855ac3b1daa6b4d88edf4761e61bf32e080f891f865301b64340068e87f33cd3764f547e9b4973443bb4a92519a79c85033425b1e493b3d11d8a51bef269ef41ef399208ae4bd15cea24faba9c4f65aaa08d3da173d323fc5190b25c893df8605414237d538928c0babbf9ad6ebe2a81bbc342bbb2115a5e279b6a4568303e9e4a571ce5b0ca32c9b6cc136e1656d9dca7616ba8a9f1639b3b7de0b26cf4680edee63efe6ca889d0b05b1bdda3f433953e56d2929ec86c9555c2c24708b1294ffaa2644a9eea819babc00e85a573a04494e8e1baee394fa4f94004fd129edc9131056298062a296527553a56a48f66cb474c705ff2d269ab068d6a2177dfa0d566860bcca3f74c2c2aa6de4e59c3a5394dea7ccc3fa4fc5323994a38738a90eab5d2bf9ed69345be2daf0c91e3fb65ca642a681b17a7b7eb6b7c92907c4c6ed889bbd4aa618c540be5fe898708eb4bcfa3bcb03631c76fa0d77efe06a55523da2e1850669fd2253977c5902a0d8496657f217734ba717c45b33b4aa51d0c6dc1a8d29d4e2b93c1289df3e9a305389c8e86677af93d5b0b72f48250dccb0cbd50f27d5433fcf76a4ffbd50ef8ed62dab6b847f59d8a2eda07c0c222b39ef5f2f61e696e1bc8a776b122c72a8938d3988fe14e15ad14da35a25b8922e2e72d0539590cb6106bf44feb0adbb280bc5218edd2a3c06ff2fed2f51922f8d341829839ca2d4cbcd2cb66a83ac080ee95640b592c5f1d7fe437043acebe8cf4399dbd332dddc6a9973a854b035aeefd4c42e7bb809e63dce1422d71259a826b7e48acc8d9110c15dc19ff9888be88fae9100cce257658ba7c21e24dd22a9837f0e400c11a676e8aece6afee802ed0d41298733bd9b727d6b9919878797e44281d4a581cb4c3a0027e2dc5a7fa6c60644cb98160f5ce9481e1df64eea2efa2ec0cf48a8bc8286029450ea7f597ff4cfd1c20b76dde301ec80710e3bbd0ae318836e5c32edadbc55916b2ff84c3ba7f8161b987bec95115102d12f5ae5c8d1c82c96761b2e70e23d6774793fc7e7ef74939c109bc9ac4a55011cf9f8b58eb8e2f852460f7d411922d188cdf935024f09cd78527c6909cbfdb754f50cc7afd1789afcea405fb8099ac6a65c2bffacd342267d9e2521c0f98b4d2d6df8e9b1858018c18d418b0e33679f70ab754c65fe126fae513f4155970fef845c4f625f2d000da89f563542132fcb1b85e0ce4b068f1fb962d4ebb9723ae3fd949d387da67546eb383390e9955fe7a0f5fb617861038238304bc372ceeb7aa260931248cfcdcb0ab821b2cca78f60e45eb4aed2c76bbc748b42e38786e91e0a4bf8f7495f5e252400ae5862e96aeaa3c5a6b8160c83f0ccd4b425042107fda92f8a2c00e6f9c9ddf7b2081569f40a3fe3b93a2463011bb55f5f81a6207613182ba988edf5bb255f7120c29fef8a2477c0f8b6057e47b825feb294fc9bf1c5bf284a05572d88f92da7b363ffea88872fc0073839586406d185e9554113dae86a0182e492da02b5f6d033b6ed22ff4a922c1ea5a5da90463a506b6cc71533978da0fd077cf3332b9931ede21520653ba5efe0fc6a6e17564d5e321c261a12733b5e31ccb71a4a28fb8d95b2c7240bad8c5145d3e66d7a3a7466f03c772763740a7807550a9f19e80d04bdddd3342bad1a9ce91efbd87d5fcbd79a7818584e527e083cd75756467afd819de85a7034b8880834fbe557a188ac58be49cbe05504032a4d3e9c598e57954da0015f0548ead903af30f2072bc461f3070ff15d8711008dcee7355223d1635e1be208a8b4c6fd9885287cbcc77e31d54f03c48c6ffb33b27d03991e01b51558eb5f50522d5df4b77486ac5044a492a894487450ec59b789a5d00a0184fb7decb459387e7a4f62aac86ad3076e9ec6919adf0042231c438ae2ac5e87d2e28c4acead86eae7bb6486d5005686c1ac7d159af6ae12d7b931b2b690cde30814418dbeeb25c1e0b8d0665ede9ff941c7c621af56ab5372391b843bf75866863cc8b6f2fe70dfc6d4207fc46d541c0fc73a4c451274e223b00a69ff484bfbe526fe220ddc8c47236ad75fd787dde67500ddd16c575b9453314d2540b1a15b9d8dc0e0e9a8df2bc8f5faff8cc69fa0dbc688e11012cf4b7feb4b6c16f7ffc0d3367c82a6d4b681be6b6fb53ba0afa00f985ca641a368f2c7bf12f68fce88dbe2ec7fdf2eb2ec2f7713c1d96b94101c0ece8ac97df080584fd68c7ee4756ca519219b44b0a9b1685b2b3d70c3c9330c1d3a5bdc6e5a79ae91927b0b32b65f8f2dce10e6543ace8b679add3c40e82ba540f8e13fdeca4977afa6e4ae8c2d2edf80ee5430799ae1369a067938ebefe832e9da9a2ae3fffe00a94bb9534af1b9a2af3898fad89c78ab9d04663a2ae0d1e8acc18d3423ba14a37654741e8741618747a8f9272e5a33d91dc99feb6669b662523384303e33f79ebb5fc9092b8ea1280f718d7283347b6641df8393f8271e1c9512f3b11c61cf43a0d26e02549665b888e9ca46bfe346fbf99988348a11d07d1f9f0d17fbbe2d05d33d74ac8c93f6f51a0c1afa8e9b139dab50c746f174252a648f453d29f99342347a3e0e1707ed9e74a41c2acaddf5c94229da3bafd67d976a7b15a354a207397a5cb90b58f81c57dd819876bf77032e758f2b0034af73270e5ea460ea19c73e869a4d5a3fda062c5b5650cc9e2f1c76d4a35e5835387d72831296e878edeace9052901e09f5f16c2d67c74e841b7e79500cf582bd1ef9274076c933d9d9df9cc8e18f48e68868a3cb390b5be2a9a4fb5fdada491edec82334c4be931edc6d0b934e7b557b334dbf7793c1421b64f4d7568bc628e8cb88e2efd6933dc92f87eda05d63be8a518da5585ec9e6b08d409517c052326fa8b37580c235105833c669ab0403877dd60cb6a41ec21bf488065070ab9c4c336a7a6cf6f7dd8751e92f66cff87608f892d0c3b7256f2ee508245b372e79cad4b7a8c965fc852c3c9a2975b58d95f033af9750cde6febc770b249cf3ea11f5ac07982bef3927d91a2869caed8786bacfbd8a55138d3ed212d7493e514773b8ef50f615fbe520cebd1f876b4d612242cea1de97941f5747922a5646f9cdc253e83c020fa6884335a8fec90f0ccb1728381dae27f5515d1e6da8644636a51dd030122ea89bac78ea262b2153a1438967764cbd481188f5372eff1208120c8766456365379a11bea4421a659e2310de1119a16e381a88d06bd941da25f206978d9f5b393966e592eca0c430b6e98bdfd974d130fb1e79ea646b8c0de4324aef69f134395ee9294f014eeb26c1b039b5c8dbd59289de846a61bccc507145538c6f2f17af65d6abd68c90b44bc42da530ce613a6f30b3304244108295230f3dc22001042db7f0dbfefa7aa411f7031a969e89a2fdb3370a34b6752dc5141ab5ce772ff5e7efe458ca67cba5197db990568bc0ddef6bb9170febacb3e9c995279dd2194c394813a9c2abea9a64d1a2b3d81a4b0493df903fff03acab2c3f9f37cc4cd7ab44bc8699b1473835e7eae083ff5daa373f89ffec79171942a2f6f7009cbea0f4be415ba8716d2519cda35aa22b905c36d0939e615f42bfc093b5aa18929b3013c9afaee4bbaa44b8dda206814e7e1607ff05737140749645c09091c4d5fdb73cf464c0dc0c0840d897a032ada06a9d3ef3b0f2aa6c6a6543c37d4c77619d9464b8826072c1339043baf1cfa91116c0bdbc07c49f918619d04a638580d8a07615afeff3e8409b78d7ec412712c43ff70ebad1d5b2f6f28281f581a3a066ca09030ff3ab159185a0a594950d90bec70affb89e145387b070ef0051ac335a2b4268a754683f444c85d5289e572b18d181b09d072f12663ab70e6009bbb4a98422e4308319b819192b16761ac725f19b096200584ac46cc41e85733932543cefada04c3a6e1fba3636a0aeef581a426a607e8c5360b2f003987c5fc7701df513cc5e45771ce297084089d09f80c240cbb9de3abf000c032953a9ff144724517f9044af9bb2eb5b66a0b79861d31b2c4b49758405edb5143b0853e1a9adba14e5ce03768dc2b04fae84cbe2e68e2b887b3f029dd30a31de9b756b69acf76737b071f9f722ed568c324b4a8733ee645a4d71a610ce68dd4cab2786bb1e8c167cb573306da3fa24b345dda843a6bb5868429f9c8dee7815774e51f017dae899ffeedeb9658e49ebdf1764bbb42ef6dd01bc65b2995a85ab8355cf1bf837db194b1ad5ae688de32d0ce1dfc8066423525232271f97678d4d6f8e47f12b90cf969d2191f051e4b1152b376a37ff2cc989dffccc9d0c05517e0a66ea1f694317f5ec5bb69ac7a0fd235eda9dfc4d017b48384118603dd6b71ce544b46dc96fd64d0f1776fe9bc059b2533c5e3a93df984781fbb7d0ceae872b0274a942ad90626fdacc4008b7dfae5e233954d6f63c4bd84b701c9f9714ef22f20e6e18808dfe20c7b98f08b14bb8c6dc2354530e6f2d46e54db771ff6a942ecb22770bda18f81189650bd0aa75e68d84bf27eecc2d8119f467e15f4e668f1989a0268f1d1cf6fda6581fed61394807920ce1e683f9afbfab9bc1292eda72f9e8ae1f39afcf7d77d115a28c42c547fc2cbb5d1f4aa05843298f7f3d3fda208f62d44aa9048a1d5c353713427d1fd20f34db8638218e5da821498f663839c59b276b88ac5f24b4216574f1744496cb8f3c12bdc16e2fc76d0c53a1f7b2635e15e8fe0609b524cc5a2548e3578fd036115a2a879095c8e8187a7656e584c57771bed274c634d4372f9c030a3dcd42623914583205aaa4da3a4bcd5b18929e61bbb5b39e665940ec18cf6117b3f6862a33983fb701503feb8097cac7b258bcf02fcc536756947fc67692670cb156ef946bd90f6dae34240fab870e6bf886beb1efe06668d4a9e1124f1d6af5a3109d1514e46c87b4bba6983500432b2a1e3fd5be73fbb8d94dbbaa21b9a3beae80ba0cbe436fe20d9e091cef1ee2e30a6a8f716f82e7dae936c655cb7496337a62f320fe38a57b05016dcdbcf8c3258b57f46d24ff4bb66ed2217c3c6287d8d85217502a57dc9a7f8960e019d3fece7620c8eb9aab354a99daba4a9c1cf1e18525bf443ddeee622a5c0857f47abcb071a4fe5f7d0385bb572633e97a09cb5b08fbb0fde1a9bdfe3d4f13d104cca9095cbbd8a84c597e9c49fb960090d4126d593bf078ffb802b41aaf928104780d38ced0dccadea061af8e4e5f57627f328a2065abf84e6a6033ff9e167b7d46601693dc59643ead87a0cf1d0ef050b43eee1957a9f805c6d7a2b3adf4522eefb47fe4c603ac842c65f986d5825f273db18fe3f0fa632911816be61f33086292b80e52dc4bdc83c91e88dbd1001ba6552ab28e80511cf62eaad6a716b7e04a3255f681e1f20da99f5e359822f86b741518b087c5a0fcff30e132396882e128d823b106b2c51039d97616494f07d8b22f758b113c67c517560854943932fe732c9cb2215f454ea712289867b479648d2b8eff2d90760d935989bedce584dc0ac398329341c14c254d316a5e6103353678be1d4ef28767e55f17400b79c2040de4760920bc9a0661febe0c693f7ceca64d5c64c89e06ee240928f245563777d1d8d6180fe6dc1db621de2767d4d5451781519de4d53f937997df8c4a74f7483c1d105680b8b965adb8653efcf4990c21900668766af03644c3e46749c5c003f7f10564e79fe02a307d78d7ff65e6a99bca9f6a644271b7b59336ccbcffe1aca2b4c022394d3141fd5c967e7f882907fdb428f9061ef606f1152613f03fba2d6bb84042cfc79a5f6ffbe8bb80f513a49acb96d231c1bf8354a8bb84b4526cf6f7941380f6a0aed648ff30f18b5b8ffe720a601615147f43874c8d2d9ad482365d5050195722fe9b0ddf0ff890fe62c03e919c7084ab92eba301e7b1f3bf421d083546353d17de21121aa9b01ac6c35f2182c5fb2ee000d7e45060e8687196706763fdcd08c6fd83f1aac47f187840b1819d34de14c0e3bec6741f1b767ba6d912c18bad59bc7e8becf8332988e174881d4e8b69927130b81db06d7fed8e759e852ec9d4385234cfd6a67272b6a81c22822a7c25c993982f9490b0787615e163f0fbe13246bea6b0643c3306e9caf03260e1a2da7ae2453707d4ff4a2c73da58f6b1330cc009cb7a33570face8739fe26a1d482432c92ac470f166cfdbb3fe763753dae8af7d9d434c72319656b56d124b2147a10147bca404f2d6d708423bd931c800e1f8072129e2e582264f923ff64b7500d8dff81ffecbef11486113df8a986242a32349bccbc41a173000fa98f44d7ec05772a5dcf6771b6f3eea4dc4378bbd34e65b742fa8e90ce8c89de1d6239bf5622b5d7fd491dc7b68a1649c554a751acfc820d50c080bf8de7e7d7ab0dd51d1dfd9a0e02463ea04383fa24ae6816d9458ac252c7792b7dcbdd6be697b1cebe19291733e4159d9fe98b7c9ee20eefb58438c0ca6b04e5072b7184d4b5bf8e54199c50886511f4744c97e7ae1132c50703823923347f2ef6d12fb3ec580fbe9fd19aa76b040103e18bf5871a97696d46f8130c413f35a41e9c96635c15d9940d6be3e2a203453d7833fee96386110c70c4480ee3388ba019b715560314a388e59c20700ee0e133e09f972650abfaaae8bb7cf9f7a578ff9b4aa923e75b77a562e357464e3cd1074809fcc836cf18f8860ffb6f8207b24f6a80cfa99794b3742ebd449fbdbb8b6f47739839c1f173373ec0fb94e5c1ae170eb74f99fc75d94dc128b5473b2c1b009f3aad23ebf98b91298071df17f02377e94b5520666a907043290878c26045ce217c4254854d9e280e8ae9b5771c233039d7eb13009a0a28b3037574cef6477c3708e2e93f3256eba70eff38287113e177b6e5160ef69317bdbdacb94c3ec64a35cec008ab463052ab2d252fcaa8017b6b18a75018eccf9c150954bc35c4288ebf2613f7c16254d95210905fdd1d199900a8a28b8876ac1f26ae7be63336a908e01e59dc83a8a41eac2658211cc69426b4eb5e1e605ec2ac8f6b0ea99c93ec780608385453cebeece3017e5f102271a83a517f681f17f3cb1d00101feb5c58017cc80153dd5527d0043cdcc511d049b9c769d8915dc1563a874c4efb16d5ae6d08234d50c7e51f5f71fb6af9e2f7e85cb2123aaccd6b3e538d2f079c2cd757a52edd39f9fcb9e35c53819ebfcbcceed68cbe062071e7875d8e3140c1a2c029eae6c3ee34e865415bc5bf8572c59f87070a2ef0ba844d0763f994a8fd3a6eafc4350ba109c4671d6c5d488fff80c56a3416033aa6905d14ee7bc4445903e0459164f695364217dc85204dda1f174ab93fba30aaf8ad70f0a8f2fe7118b4ff018de5989040accb4ba322b8d7af1aa265afda1fd23634936733e046cdc3352dca85a2aa6278b5c9cc09a492674fd8d2480b04ac6b947a3d52cc48c6f42062655fe9ec293ae2ee3024648f551ef34876fc71b8821e147880ee1d6c24acebb603043a495e90393d587c4ee6044636909fc539b7b14724ac3f8a7242d941b926b40f2066aeda717be663c453789e89a3df26b235fe86d19eb02e021998215c7b472c365a24e7c811f52ec61e79d6268350d728a2365deaaab1a312847af6b0aed0a01631a742dca40fde20f47b63b0ed6de6991f8a2c177464e7509555b1526fc6938bb05867bff43e8513795589cb6527107f79401995d04c408f8895b2a9156ec6f0389d19ea2b045c97b7e2269989d8e08934cabe9f373fd30960cf6223ddd0fcab7eaa187d7c74f602610566886b4699359e5a0a7b657565d112f95ead140161072128942cf6cf16b4ecd916c13d7bfe50928eb4c3598a5f4b12fb4b423d1c9f8a33c455c9a24a29c915a77cf087fff4fbb9f4ade2da8d07db31f005aae36b2c7d83c12861db985c4981e606f9897fa170d4638879e60be0a38a37425426c680323ee65d432cb4f0f3a022c63599782fa6026d74fcfc31cdef5bef9725cfba11250def64e9b8873d52387c541047e2635b5ffc17809845030566498428c167b14ad234158d1f5ead2049b688d9a77b8c0344ba273c8b9f1207336774f20b1198064f0e1888389c65c11f3957ae273268562c50ef6108399d1584e5d4830644ac3041e0cee2f9480502aea950b8da816361d6a56e7a78a0e7fe3c23904c9331fa861eed1865f7cd311b37dc1141ade76809a35df1cbc04ef9d3f922cf518ea53d7203eaaa55e49f9169fc6238a34524507fd0f1878af76ccfdc73882022ca5409999e213476b522881c87ad847fd84627753477f18ac72b723862ccc8f529ade430d5e366d0f0d28d9935985bbad504d3fc56ebc2034630ff4a42306bf38e05c715aa58a4058cc16b7590931443555a3c63fe5f989b9dc7a7a40112edcff6abb6b6d3fe85cb6fbef738f3ed1b12d8ff69dad3039080c44b94f755217eaacec641aa8d1ad0ba9d52c7b43d91421fa3be242c8135ceb768e8b2a77852060bbe05536cd18001ccceeec2bc9fb00", 0x2000, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

5.785814307s ago: executing program 7 (id=2908):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f00000000c0)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000}, 0x94)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000340)=ANY=[@ANYBLOB="f8000000190001002dbd70000000000000000000000000895fa6270000000000fe8000000000000000000000000000bb0000000000000000", @ANYRES32=0x0, @ANYRES32], 0xf8}}, 0x0)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r1, &(0x7f0000000280)=[{{&(0x7f0000003e80)={0xa, 0x4e22, 0x5, @mcast1, 0x6400}, 0x1c, 0x0}}], 0x1, 0x4008810)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
r3 = getpgid(0x0)
r4 = syz_pidfd_open(r3, 0x0)
pidfd_getfd(r4, r4, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480b0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
r6 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000300)={'bond0\x00', <r7=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
pipe2$9p(&(0x7f00000003c0)={<r8=>0xffffffffffffffff}, 0x84880)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000380), 0x10800, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@directio}, {@posixacl}]}})
r9 = socket(0x10, 0x803, 0x0)
bind$netlink(r9, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r9, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket(0x1, 0x803, 0x0)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r7}, @IFLA_MASTER={0x8, 0xa, r12}]}, 0x44}}, 0x0)

5.617396088s ago: executing program 1 (id=2909):
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x6c, 0x2, 0x1, 0x3, 0x0, 0x0, {0x0, 0x0, 0x3}, [@CTA_HELP={0x14, 0x5, 0x0, 0x1, {0xf, 0x1, 'netbios-ns\x00'}}, @CTA_ID={0x8}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @rand_addr=0x64010101}}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000071000100000000000000000007000000", @ANYRES32=r1, @ANYBLOB="0c000180080001"], 0x44}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x50}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f0000000000), 0x400000000000235, 0x0)

5.304398867s ago: executing program 1 (id=2910):
r0 = io_uring_setup(0x516, &(0x7f0000000640)={0x0, 0xddaa, 0x1, 0x503fa, 0x8100014e})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0xa2003, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f00000000c0)={<r2=>0x0})
ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000300)={r2})
close_range(r0, 0xffffffffffffffff, 0x0)

5.013087711s ago: executing program 2 (id=2911):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={0x14, 0x0, 0x5, 0x401, 0x0, 0x0, {0xa, 0x0, 0xa}}, 0x14}, 0x1, 0x0, 0x0, 0x854}, 0x4004000)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r2, 0xfffffffc)
ioctl$sock_SIOCSIFBR(r1, 0x8941, &(0x7f0000000180)=@get={0x1, &(0x7f00000000c0)=""/53, 0x6})
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r3, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)

4.947624521s ago: executing program 1 (id=2912):
sendmsg$sock(0xffffffffffffffff, 0x0, 0xc805)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20f42, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'\x00', 0x6132})
write$cgroup_subtree(r0, &(0x7f0000001480)=ANY=[], 0xc54c295c)

4.742586792s ago: executing program 7 (id=2913):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
shmctl$IPC_RMID(0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x70, 0x103301)
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000200))
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x40, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40, 0x1})
ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

4.625394071s ago: executing program 1 (id=2914):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x40000000015, 0x5, 0x0)
close(r3)
fcntl$setstatus(r2, 0x4, 0x800)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000300)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {0x0}], 0x2}], 0x1, 0x800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

3.155215281s ago: executing program 7 (id=2915):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0xb140, 0x1000, 0x6, 0x196})
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r0 = syz_open_dev$usbfs(0x0, 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
io_setup(0x8, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
bind$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(0xffffffffffffffff, 0x4)

2.327330649s ago: executing program 8 (id=2916):
bpf$PROG_LOAD(0x5, &(0x7f0000002a00)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x9, '\x00', 0x0, @fallback=0xd4e50d047ad728e5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f00000004c0)=[0xffffffffffffffff], 0x0, 0x10, 0x3}, 0x94)
r0 = socket(0x10, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r2, 0x29, 0x4e, 0x0, 0x0)
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
pipe2(&(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RGETLOCK(r5, &(0x7f0000000ac0)=ANY=[], 0xffffff6a)
pipe2(&(0x7f0000000240)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x800)
splice(r4, 0x0, r6, 0x0, 0x10003, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3800000056000100000000000000000007020000", @ANYRES32=r0, @ANYBLOB="200001"], 0x38}}, 0x6404481c)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r7)
rmdir(&(0x7f0000000040)='./control\x00')
r8 = openat$cgroup_freezer_state(r7, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_freezer_state(r8, &(0x7f00000000c0)='FROZEN\x00', 0x7)

1.756980041s ago: executing program 2 (id=2917):
socket$nl_generic(0x10, 0x3, 0x10)
statfs(&(0x7f0000000000)='./file1\x00', 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x20, r2, 0x1, 0x70bd25, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x808)

1.755982442s ago: executing program 1 (id=2918):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380))
openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000b40)='./file1\x00', 0x0, 0x100, 0x12345})
r0 = syz_io_uring_setup(0x16b, &(0x7f0000000240)={0x0, 0x40, 0x10, 0x1, 0x34d}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffff9, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x47bc, 0x0, 0x21, 0x0, 0x0)

608.843029ms ago: executing program 37 (id=2882):
openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x20800, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00'})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffdffffffffff, 0xfa11, 0xffffffff}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioprio_set$pid(0x2, 0x0, 0x2007)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x5dc, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
io_uring_setup(0x1684, 0x0)
syz_open_dev$vim2m(0x0, 0x8, 0x2)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x800)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000b80)={r6, r5, 0x25, 0x0, @val=@netkit}, 0x1c)
syz_emit_ethernet(0xfdef, &(0x7f0000000400)=ANY=[], 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {0x0}], 0x2}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)

520.573622ms ago: executing program 1 (id=2920):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000080), 0x1)
sendto$inet6(r0, &(0x7f0000000180)="6cf815", 0x3, 0x0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x4000040, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000140)='J', 0x20000, 0x4800, 0x0, 0x0)

340.632891ms ago: executing program 8 (id=2921):
r0 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000412ff8)="63429860415b7ac7", 0x8)
r4 = accept(r0, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f00000002c0)}], 0x1, 0x0)
recvmsg(r4, &(0x7f000000b680)={0x0, 0x0, &(0x7f000000b600)=[{&(0x7f000000b500)=""/153, 0x99}], 0x1, 0x0, 0x0, 0x1000000}, 0x0)

0s ago: executing program 7 (id=2922):
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
ptrace$ARCH_GET_FS(0x1e, 0x0, &(0x7f0000000100), 0x1003)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0x756be000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYRES32=0x0, @ANYBLOB="0400000200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000001aa30000000000000000000000260bbc0000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000640)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000f6ff00007b8af8ff000000000000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300007f22c4c6e3df645221e8f1c636d72375c0671cdc0f08525592a1e3d6313b937cffbbee2d4ce179f16731ad70cfab07e0630a0be4d20bcf71aa10b4502bc3638b2dffbf0d0a652ffcc216fb1a6a375bbfbd30478a7c161d45ec0ddbd5e5f19608bb19e34decb078a62ffeb0", @ANYRES32=r4, @ANYBLOB="0000000000000000b70400000800000085000000950000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r5, 0x0, 0x27, &(0x7f00000000c0)={@multicast1, @local}, 0xc)
setsockopt$inet_msfilter(r5, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e0000001ac1414aa00000000"], 0x1c)
setsockopt$inet_mreqn(r5, 0x0, 0x25, &(0x7f0000000080)={@multicast1, @local}, 0xc)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r0, 0x0, 0x0)
r7 = openat$cgroup_int(r6, &(0x7f00000001c0)='cgroup.max.descendants\x00', 0x2, 0x0)
sendfile(r7, r7, 0x0, 0x81)
setsockopt(0xffffffffffffffff, 0x84, 0x7f, &(0x7f0000000240), 0x0)

kernel console output (not intermixed with test programs):

y change from 0 to 2048
[  369.627631][ T8591] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  369.853651][ T8597] netlink: 8 bytes leftover after parsing attributes in process `syz.2.809'.
[  369.865662][ T8597] netlink: 12 bytes leftover after parsing attributes in process `syz.2.809'.
[  371.725034][ T8010] 8021q: adding VLAN 0 to HW filter on device bond0
[  371.751946][ T5835] Bluetooth: hci7: command 0x0405 tx timeout
[  371.760785][ T8010] 8021q: adding VLAN 0 to HW filter on device team0
[  371.921658][ T8585] netlink: 4 bytes leftover after parsing attributes in process `syz.4.806'.
[  371.930492][ T8585] netlink: 'syz.4.806': attribute type 12 has an invalid length.
[  372.743328][ T8585] netlink: 4 bytes leftover after parsing attributes in process `syz.4.806'.
[  372.752811][ T8585] netlink: 'syz.4.806': attribute type 12 has an invalid length.
[  372.763724][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  372.770943][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  372.784021][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  372.791248][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  372.853318][   T13] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  372.878522][   T13] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  372.906644][   T13] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  372.931850][   T13] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  372.990201][ T8037] 8021q: adding VLAN 0 to HW filter on device bond0
[  373.240764][ T8037] 8021q: adding VLAN 0 to HW filter on device team0
[  373.313788][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  373.321009][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  373.387241][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  373.394470][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  373.610294][ T8642] netlink: 32 bytes leftover after parsing attributes in process `syz.6.827'.
[  373.700408][ T8037] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  374.231513][  T792] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  374.429704][  T792] usb 5-1: config 0 has an invalid interface number: 117 but max is 0
[  374.455298][ T8010] 8021q: adding VLAN 0 to HW filter on device batadv0
[  374.462285][  T792] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  374.494564][  T792] usb 5-1: config 0 has no interface number 0
[  374.524240][  T792] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  374.544736][ T8037] 8021q: adding VLAN 0 to HW filter on device batadv0
[  374.577177][  T792] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  374.619436][  T792] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  374.654637][  T792] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.683216][  T792] usb 5-1: Product: syz
[  374.696340][  T792] usb 5-1: Manufacturer: syz
[  374.723141][  T792] usb 5-1: SerialNumber: syz
[  374.773774][  T792] usb 5-1: config 0 descriptor??
[  375.463735][  T792] usb 5-1: USB disconnect, device number 7
[  375.827728][ T8010] veth0_vlan: entered promiscuous mode
[  375.896817][ T8010] veth1_vlan: entered promiscuous mode
[  375.972493][ T8037] veth0_vlan: entered promiscuous mode
[  377.509521][ T8037] veth1_vlan: entered promiscuous mode
[  377.566023][ T8010] veth0_macvtap: entered promiscuous mode
[  377.625628][ T8010] veth1_macvtap: entered promiscuous mode
[  377.714239][ T8010] batman_adv: batadv0: Interface activated: batadv_slave_0
[  377.835757][ T8010] batman_adv: batadv0: Interface activated: batadv_slave_1
[  377.872974][ T8037] veth0_macvtap: entered promiscuous mode
[  377.944029][   T49] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  378.026597][ T8037] veth1_macvtap: entered promiscuous mode
[  378.043261][   T49] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  378.091217][   T49] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  378.100002][   T49] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  378.256145][ T8037] batman_adv: batadv0: Interface activated: batadv_slave_0
[  378.405312][ T8037] batman_adv: batadv0: Interface activated: batadv_slave_1
[  378.450987][ T1158] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  378.501592][ T1158] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  378.602218][ T1158] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  378.616784][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  378.643667][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  378.650630][ T1158] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  379.062448][ T8738] loop2: detected capacity change from 0 to 1024
[  379.079269][ T7873] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.140513][ T8738] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.142921][ T7873] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.210865][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.230583][   T31] audit: type=1800 audit(1769456629.327:427): pid=8738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.850" name="bus" dev="loop2" ino=18 res=0 errno=0
[  379.289451][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.423600][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.503504][ T1158] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.533064][ T1158] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  382.493769][ T8668] syz.6.834 (8668) used greatest stack depth: 18456 bytes left
[  382.898588][ T8830] loop7: detected capacity change from 0 to 764
[  386.205948][ T8880] netlink: 20 bytes leftover after parsing attributes in process `syz.7.893'.
[  386.258958][ T8880] netlink: 8 bytes leftover after parsing attributes in process `syz.7.893'.
[  387.108740][ T8900] loop7: detected capacity change from 0 to 128
[  387.278435][   T31] audit: type=1800 audit(1769456637.377:428): pid=8900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.901" name="file1" dev="loop7" ino=1048632 res=0 errno=0
[  387.393117][   T31] audit: type=1800 audit(1769456637.457:429): pid=8900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.901" name="file1" dev="loop7" ino=1048632 res=0 errno=0
[  387.399294][ T8900] FAT-fs (loop7): error, invalid FAT chain (i_pos 548, last_block 8)
[  387.507703][ T8904] netlink: 'syz.6.902': attribute type 1 has an invalid length.
[  387.540064][ T8900] FAT-fs (loop7): Filesystem has been set read-only
[  387.606662][ T8900] FAT-fs (loop7): error, corrupted file size (i_pos 548, 522)
[  387.685428][ T8907] loop8: detected capacity change from 0 to 512
[  387.707541][ T8907] EXT4-fs: Ignoring removed oldalloc option
[  387.804876][ T8907] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  387.893114][ T8907] EXT4-fs (loop8): 1 truncate cleaned up
[  387.986023][ T8907] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.031289][ T8914] loop6: detected capacity change from 0 to 764
[  388.156378][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  388.163756][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  389.622555][ T8037] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.314501][  T792] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  390.421612][ T8942] loop8: detected capacity change from 0 to 512
[  390.454610][ T8942] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  390.503222][  T792] usb 8-1: Using ep0 maxpacket: 32
[  390.522138][  T792] usb 8-1: config 0 has an invalid interface number: 126 but max is 0
[  390.546800][  T792] usb 8-1: config 0 has no interface number 0
[  390.553332][  T792] usb 8-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  390.566819][  T792] usb 8-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[  390.577523][  T792] usb 8-1: config 0 interface 126 has no altsetting 0
[  390.585520][ T8942] EXT4-fs (loop8): 1 truncate cleaned up
[  390.598284][  T792] usb 8-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[  390.602135][ T8942] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  390.609566][  T792] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  390.628406][  T792] usb 8-1: Product: syz
[  390.632837][  T792] usb 8-1: Manufacturer: syz
[  390.637449][  T792] usb 8-1: SerialNumber: syz
[  390.648387][  T792] usb 8-1: config 0 descriptor??
[  390.659576][ T8935] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  390.667282][ T8935] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  391.169247][  T792] ir_usb 8-1:0.126: IR Dongle converter detected
[  391.245551][ T8037] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.378617][  T792] usb 8-1: IRDA class descriptor not found, device not bound
[  391.656624][  T792] usb 8-1: USB disconnect, device number 2
[  391.893912][ T8964] loop6: detected capacity change from 0 to 512
[  391.959449][ T8964] EXT4-fs: Ignoring removed oldalloc option
[  392.010309][ T8964] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  392.116623][ T8964] EXT4-fs (loop6): 1 truncate cleaned up
[  392.176738][ T8964] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  392.863839][ T8988] loop4: detected capacity change from 0 to 764
[  394.368255][ T9002] loop2: detected capacity change from 0 to 512
[  394.412799][ T9002] EXT4-fs: Ignoring removed nobh option
[  394.518067][ T9002] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  394.630223][ T9002] ext4 filesystem being mounted at /167/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  394.995301][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  395.762706][ T6666] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  397.686854][ T9060] loop4: detected capacity change from 0 to 512
[  397.686865][ T9061] loop8: detected capacity change from 0 to 764
[  397.958216][ T9060] EXT4-fs: Ignoring removed oldalloc option
[  398.827750][ T9060] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  398.922714][ T9060] EXT4-fs (loop4): 1 truncate cleaned up
[  398.980214][ T9060] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  400.133020][  T114] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  400.192157][ T9086] xt_hashlimit: size too large, truncated to 1048576
[  400.311427][  T114] usb 3-1: Using ep0 maxpacket: 32
[  400.337591][  T114] usb 3-1: config 0 has an invalid interface number: 126 but max is 0
[  400.373195][  T114] usb 3-1: config 0 has no interface number 0
[  400.409577][  T114] usb 3-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  400.483229][  T114] usb 3-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[  400.547276][  T114] usb 3-1: config 0 interface 126 has no altsetting 0
[  400.605871][  T114] usb 3-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[  400.646498][  T114] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  400.764151][  T114] usb 3-1: Product: syz
[  400.768377][  T114] usb 3-1: Manufacturer: syz
[  400.769058][ T9093] netlink: 12 bytes leftover after parsing attributes in process `syz.7.967'.
[  400.841053][  T114] usb 3-1: SerialNumber: syz
[  400.884345][  T114] usb 3-1: config 0 descriptor??
[  400.888127][   T49] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  400.898432][ T9093] netlink: 12 bytes leftover after parsing attributes in process `syz.7.967'.
[  400.938259][ T9084] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  400.956056][   T49] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  401.005399][   T49] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  401.030433][ T9084] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  401.080955][   T49] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  401.205946][ T5826] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.410744][   T31] audit: type=1326 audit(1769456651.497:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9100 comm="syz.6.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  401.524425][   T31] audit: type=1326 audit(1769456651.507:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9100 comm="syz.6.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  401.595238][  T114] ir_usb 3-1:0.126: IR Dongle converter detected
[  401.611002][   T31] audit: type=1326 audit(1769456651.537:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9100 comm="syz.6.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  401.772496][   T31] audit: type=1326 audit(1769456651.547:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9100 comm="syz.6.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  401.783660][  T114] usb 3-1: IRDA class descriptor not found, device not bound
[  401.951507][   T31] audit: type=1326 audit(1769456651.547:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9100 comm="syz.6.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  402.104532][  T114] usb 3-1: USB disconnect, device number 13
[  402.151304][   T31] audit: type=1326 audit(1769456651.547:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9100 comm="syz.6.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  402.250637][   T31] audit: type=1326 audit(1769456651.557:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9100 comm="syz.6.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  402.347925][   T31] audit: type=1326 audit(1769456651.557:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9100 comm="syz.6.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  402.463940][   T31] audit: type=1326 audit(1769456651.557:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9100 comm="syz.6.971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  402.489978][ T9114] netlink: 8 bytes leftover after parsing attributes in process `syz.1.976'.
[  402.498839][ T9114] netlink: 12 bytes leftover after parsing attributes in process `syz.1.976'.
[  406.246783][   T31] audit: type=1326 audit(1769456656.347:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9159 comm="syz.2.986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ffaf9aeb9 code=0x7ffc0000
[  407.122905][ T9168] loop2: detected capacity change from 0 to 512
[  407.175324][ T9168] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  407.494511][ T9168] EXT4-fs (loop2): 1 truncate cleaned up
[  407.545182][ T9168] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  407.639735][ T9176] loop6: detected capacity change from 0 to 2048
[  407.766216][ T9176] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  407.868961][ T9183] loop7: detected capacity change from 0 to 512
[  408.004369][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.121609][ T9176] netlink: 8 bytes leftover after parsing attributes in process `syz.6.990'.
[  410.130540][ T9176] netlink: 12 bytes leftover after parsing attributes in process `syz.6.990'.
[  411.906395][ T9209] random: crng reseeded on system resumption
[  412.414392][ T9217] netlink: 1096 bytes leftover after parsing attributes in process `syz.6.1002'.
[  413.922453][ T9233] loop2: detected capacity change from 0 to 128
[  414.171472][ T9237] loop6: detected capacity change from 0 to 512
[  417.144386][ T9253] loop2: detected capacity change from 0 to 128
[  418.015439][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  418.032456][ T5835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  418.041221][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  418.105070][ T5835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  418.119815][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  418.350136][ T9279] tipc: Started in network mode
[  418.410008][ T9279] tipc: Node identity 7e7e827728c3, cluster identity 4711
[  418.441866][ T9279] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  418.491228][ T9281] syzkaller0: entered promiscuous mode
[  418.496759][ T9281] syzkaller0: entered allmulticast mode
[  418.665728][ T9279] tipc: Resetting bearer <eth:syzkaller0>
[  418.767166][ T9275] tipc: Resetting bearer <eth:syzkaller0>
[  418.935633][ T9275] tipc: Disabling bearer <eth:syzkaller0>
[  420.231131][   T52] Bluetooth: hci3: command tx timeout
[  420.453721][ T9272] chnl_net:caif_netlink_parms(): no params data found
[  420.977582][ T9315] loop6: detected capacity change from 0 to 2048
[  421.027488][ T9315] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  421.065016][ T9323] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1034'.
[  421.317726][ T9328] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1011'.
[  421.327875][ T9328] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1011'.
[  421.341494][ T9272] bridge0: port 1(bridge_slave_0) entered blocking state
[  421.523049][ T9272] bridge0: port 1(bridge_slave_0) entered disabled state
[  421.801042][ T9272] bridge_slave_0: entered allmulticast mode
[  421.945869][ T9272] bridge_slave_0: entered promiscuous mode
[  421.999393][ T9272] bridge0: port 2(bridge_slave_1) entered blocking state
[  422.009767][ T9292] loop8: detected capacity change from 0 to 128
[  422.032542][ T9272] bridge0: port 2(bridge_slave_1) entered disabled state
[  422.039830][ T9272] bridge_slave_1: entered allmulticast mode
[  422.130091][ T9272] bridge_slave_1: entered promiscuous mode
[  422.197528][ T9330] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  422.315292][ T5835] Bluetooth: hci3: command tx timeout
[  422.604727][ T9272] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  422.689365][ T9342] random: crng reseeded on system resumption
[  422.708620][ T9272] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  422.895000][ T9350] loop7: detected capacity change from 0 to 1024
[  422.926838][ T9350] EXT4-fs: Ignoring removed bh option
[  422.938385][ T9272] team0: Port device team_slave_0 added
[  422.949167][ T9272] team0: Port device team_slave_1 added
[  423.118601][ T9350] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  423.220230][ T9272] batman_adv: batadv0: Adding interface: batadv_slave_0
[  423.238776][ T9272] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  423.344231][ T9272] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  423.527549][ T8010] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.527785][ T9272] batman_adv: batadv0: Adding interface: batadv_slave_1
[  423.545211][ T9368] loop2: detected capacity change from 0 to 764
[  423.640951][ T9272] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  423.869718][ T9272] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  424.391420][ T5835] Bluetooth: hci3: command 0x040f tx timeout
[  424.847618][ T9386] loop8: detected capacity change from 0 to 2048
[  425.017475][ T9386] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  425.126175][ T9272] hsr_slave_0: entered promiscuous mode
[  425.182245][ T9272] hsr_slave_1: entered promiscuous mode
[  425.191988][ T9357] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1303: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  425.211898][ T9272] debugfs: 'hsr0' already exists in 'hsr'
[  425.267849][ T9272] Cannot create hsr debugfs directory
[  425.284574][ T8037] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.459884][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  425.529311][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  426.469859][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  426.471259][ T5835] Bluetooth: hci3: command 0x040f tx timeout
[  426.882033][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  427.158262][ T9433] loop6: detected capacity change from 0 to 512
[  427.232544][ T9433] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  427.288935][ T9433] EXT4-fs error (device loop6): ext4_validate_block_bitmap:440: comm syz.6.1066: bg 0: block 393: padding at end of block bitmap is not set
[  427.335343][ T9433] EXT4-fs (loop6): Remounting filesystem read-only
[  427.338202][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  427.344170][ T9433] EXT4-fs (loop6): 2 truncates cleaned up
[  427.362170][ T9433] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  427.376727][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  427.432984][ T6666] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  427.603753][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  427.633416][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  427.786514][ T9449] loop7: detected capacity change from 0 to 2048
[  427.870396][ T9449] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  428.393635][ T8010] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  428.611020][ T5835] Bluetooth: hci3: command 0x040f tx timeout
[  429.684547][ T9476] loop7: detected capacity change from 0 to 764
[  431.097597][ T9272] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  431.197068][ T9272] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  431.290450][   T12] bridge_slave_1: left allmulticast mode
[  431.340469][   T12] bridge_slave_1: left promiscuous mode
[  431.386242][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  431.459307][   T12] bridge_slave_0: left allmulticast mode
[  431.512997][   T12] bridge_slave_0: left promiscuous mode
[  431.539841][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  432.173254][ T9513] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1089'.
[  434.272252][   T12] žÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  434.334490][   T12] žÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  434.374065][   T12] žÿ (unregistering): Released all slaves
[  434.647022][ T9272] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  434.668641][ T9549] loop7: detected capacity change from 0 to 2048
[  434.782687][ T9549] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  434.855440][ T9272] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  435.254726][ T8010] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  436.253757][ T9569] loop6: detected capacity change from 0 to 1024
[  436.265072][ T9569] EXT4-fs: inline encryption not supported
[  436.273103][ T9558] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  436.337451][ T9569] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  437.219428][   T12] hsr_slave_0: left promiscuous mode
[  437.288874][   T12] hsr_slave_1: left promiscuous mode
[  437.323253][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  437.356829][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  437.386600][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  437.406957][ T6666] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.439258][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  437.588593][   T12] veth1_macvtap: left promiscuous mode
[  437.632208][   T12] veth0_macvtap: left promiscuous mode
[  437.668446][   T12] veth1_vlan: left promiscuous mode
[  437.704812][   T12] veth0_vlan: left promiscuous mode
[  437.895084][ T9607] loop6: detected capacity change from 0 to 2048
[  438.018732][ T9607] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  438.188358][ T9611] loop8: detected capacity change from 0 to 2048
[  438.326640][ T9611] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  438.363000][ T6666] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.607611][ T9619] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1121'.
[  438.620175][ T9619] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1121'.
[  440.057286][   T12] team0 (unregistering): Port device team_slave_1 removed
[  440.089564][   T12] team0 (unregistering): Port device team_slave_0 removed
[  440.417482][ T9615] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  440.442824][ T9634] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  440.693027][ T9272] 8021q: adding VLAN 0 to HW filter on device bond0
[  442.182807][ T9272] 8021q: adding VLAN 0 to HW filter on device team0
[  442.302816][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  442.310028][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  442.429855][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  442.437093][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  442.646466][ T9653] loop2: detected capacity change from 0 to 1024
[  442.715367][ T9653] ext2: Unknown parameter 'mask'
[  443.202557][ T9669] loop7: detected capacity change from 0 to 8192
[  443.231233][ T9669] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  443.272536][ T9669] FAT-fs (loop7): error, fat_free_clusters: deleting FAT entry beyond EOF
[  443.282103][ T9669] FAT-fs (loop7): Filesystem has been set read-only
[  443.461358][ T9674] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  443.885564][ T9272] 8021q: adding VLAN 0 to HW filter on device batadv0
[  444.436101][ T9653] loop2: detected capacity change from 0 to 1024
[  444.482266][ T9653] EXT4-fs: Ignoring removed oldalloc option
[  444.536957][ T9653] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  444.662518][ T9653] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  445.162115][ T9272] veth0_vlan: entered promiscuous mode
[  445.234207][ T9272] veth1_vlan: entered promiscuous mode
[  445.390451][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  445.414889][ T9272] veth0_macvtap: entered promiscuous mode
[  445.465847][ T9272] veth1_macvtap: entered promiscuous mode
[  445.585133][ T9272] batman_adv: batadv0: Interface activated: batadv_slave_0
[  445.675505][ T9272] batman_adv: batadv0: Interface activated: batadv_slave_1
[  445.749475][   T49] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  445.809938][   T49] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  445.851094][   T49] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  445.891335][   T49] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  445.938710][ T9734] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  446.488589][ T9758] loop2: detected capacity change from 0 to 512
[  446.744160][ T9758] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  446.835315][ T9758] ext4 filesystem being mounted at /209/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  446.871517][ T6009] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  446.879391][ T6009] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  446.996980][ T9758] EXT4-fs warning (device loop2): ext4_empty_dir:3097: inode #12: comm syz.2.1164: directory missing '..'
[  447.087728][ T6009] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  447.150954][ T6009] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  447.278693][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  447.308541][ T6009] Bluetooth: hci4: Frame reassembly failed (-84)
[  447.667323][ T9784] netlink: 'syz.9.1015': attribute type 15 has an invalid length.
[  448.049074][ T9800] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1179'.
[  448.305830][ T9796] loop9: detected capacity change from 0 to 8192
[  448.339859][ T9802] loop8: detected capacity change from 0 to 8192
[  448.628922][ T9812] loop7: detected capacity change from 0 to 128
[  449.351801][   T52] Bluetooth: hci4: command 0x1003 tx timeout
[  449.359273][ T5835] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  449.597654][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  449.605279][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  451.606129][ T9862] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1196'.
[  451.669117][ T9862] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1196'.
[  453.027969][ T9880] loop9: detected capacity change from 0 to 2048
[  453.141036][ T9880] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  453.218042][ T9885] loop8: detected capacity change from 0 to 1024
[  453.904169][ T9891] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1206'.
[  453.927782][ T9890] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1204'.
[  453.957743][ T9890] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1204'.
[  455.555816][ T9910] io-wq is not configured for unbound workers
[  456.806609][ T5835] Bluetooth: hci2: command 0x0406 tx timeout
[  456.902232][ T9951] loop7: detected capacity change from 0 to 1024
[  459.567419][ T9967] loop6: detected capacity change from 0 to 1024
[  459.632193][ T9967] ext2: Unknown parameter 'mask'
[  460.175975][ T9980] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1234'.
[  460.353581][ T9983] kernel profiling enabled (shift: 17)
[  461.911417][ T5835] Bluetooth: hci7: command 0x0405 tx timeout
[  462.034773][T10012] loop6: detected capacity change from 0 to 1024
[  462.656603][T10019] loop7: detected capacity change from 0 to 1024
[  462.749908][T10019] ext2: Unknown parameter 'mask'
[  465.453842][T10074] loop7: detected capacity change from 0 to 1024
[  469.091238][ T5913] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  469.403169][ T5913] usb 7-1: too many configurations: 87, using maximum allowed: 8
[  469.414000][ T5913] usb 7-1: config index 0 descriptor too short (expected 64798, got 72)
[  469.429831][ T5913] usb 7-1: config index 1 descriptor too short (expected 64798, got 72)
[  469.447823][ T5913] usb 7-1: config index 2 descriptor too short (expected 64798, got 72)
[  469.473334][ T5913] usb 7-1: config index 3 descriptor too short (expected 64798, got 72)
[  469.495443][ T5913] usb 7-1: config index 4 descriptor too short (expected 64798, got 72)
[  470.200760][ T5913] usb 7-1: config index 5 descriptor too short (expected 64798, got 72)
[  470.282705][ T5913] usb 7-1: config index 6 descriptor too short (expected 64798, got 72)
[  470.333043][ T5913] usb 7-1: config index 7 descriptor too short (expected 64798, got 72)
[  470.364056][ T5913] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  470.375526][T10141] loop8: detected capacity change from 0 to 2048
[  470.431855][ T5913] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  470.439938][ T5913] usb 7-1: Product: syz
[  470.492628][ T5913] usb 7-1: Manufacturer: syz
[  470.497300][ T5913] usb 7-1: SerialNumber: syz
[  470.538295][ T5913] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  470.571732][T10141] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  470.758589][  T114] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  470.942912][ T8037] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  471.665565][T10129] Cannot find add_set index 0 as target
[  471.711073][ T9798] usb 7-1: USB disconnect, device number 7
[  471.811791][T10164] loop8: detected capacity change from 0 to 512
[  471.992120][  T114] usb 7-1: Service connection timeout for: 256
[  472.000015][  T114] ath9k_htc 7-1:1.0: ath9k_htc: Unable to initialize HTC services
[  472.022400][T10164] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  472.022992][  T114] ath9k_htc: Failed to initialize the device
[  472.055737][ T9798] usb 7-1: ath9k_htc: USB layer deinitialized
[  472.141373][T10164] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  472.605227][ T8037] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  472.978922][T10190] loop8: detected capacity change from 0 to 256
[  473.032545][T10190] vfat: Unknown parameter 'codepag¢ès‘³¼]¯e'
[  473.064049][T10194] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1302'.
[  473.199546][T10193] loop9: detected capacity change from 0 to 2048
[  473.394863][T10193] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  473.687360][ T9272] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  474.092100][T10210] loop9: detected capacity change from 0 to 1024
[  475.614834][   T31] kauditd_printk_skb: 13 callbacks suppressed
[  475.614860][   T31] audit: type=1326 audit(1769456725.717:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10240 comm="syz.9.1313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabc0f9aeb9 code=0x7ffc0000
[  475.742565][   T31] audit: type=1326 audit(1769456725.717:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10240 comm="syz.9.1313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabc0f9aeb9 code=0x7ffc0000
[  475.862982][   T31] audit: type=1326 audit(1769456725.727:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10240 comm="syz.9.1313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fabc0f9aeb9 code=0x7ffc0000
[  476.007854][   T31] audit: type=1326 audit(1769456725.727:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10240 comm="syz.9.1313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabc0f9aeb9 code=0x7ffc0000
[  476.128395][T10253] loop9: detected capacity change from 0 to 2048
[  476.264275][T10262] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  476.266842][T10253] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  476.271851][T10262] IPv6: NLM_F_CREATE should be set when creating new route
[  476.595115][T10257] loop2: detected capacity change from 0 to 8192
[  476.626074][ T9272] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  476.751113][T10277] loop7: detected capacity change from 0 to 1024
[  480.385509][T10315] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1336'.
[  480.504164][T10317] loop2: detected capacity change from 0 to 128
[  480.702083][T10321] loop6: detected capacity change from 0 to 2048
[  480.842681][T10321] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  481.221086][T10335] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1342'.
[  481.265755][ T6666] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  481.279725][T10335] vlan0: entered promiscuous mode
[  481.379406][T10338] loop7: detected capacity change from 0 to 1024
[  482.745483][T10357] loop6: detected capacity change from 0 to 1024
[  482.824478][T10357] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  483.234040][ T6666] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  483.906205][T10397] loop6: detected capacity change from 0 to 256
[  484.333912][T10407] loop6: detected capacity change from 0 to 1024
[  486.910510][T10443] loop9: detected capacity change from 0 to 8192
[  488.259232][T10467] loop8: detected capacity change from 0 to 1024
[  488.391943][T10467] EXT4-fs: Ignoring removed oldalloc option
[  488.408149][T10467] EXT4-fs (loop8): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  488.509417][T10467] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  488.735170][ T8037] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  489.861157][T10490] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1392'.
[  490.003360][T10494] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  491.544210][T10526] loop6: detected capacity change from 0 to 1024
[  491.605939][T10526] EXT4-fs: Ignoring removed oldalloc option
[  491.655204][T10526] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  491.828360][T10536] loop2: detected capacity change from 0 to 764
[  493.057863][T10526] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  493.093348][T10540] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  493.377902][ T6666] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.049531][T10577] loop6: detected capacity change from 0 to 512
[  495.177952][T10577] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  495.209944][T10577] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  495.705084][T10593] loop8: detected capacity change from 0 to 1024
[  495.780985][T10593] EXT4-fs: Ignoring removed oldalloc option
[  495.818901][T10593] EXT4-fs (loop8): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  495.937567][T10593] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  496.065829][T10599] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  496.165990][ T6666] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  496.260074][ T8037] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.111184][ T5967] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  497.320917][ T5967] usb 10-1: Using ep0 maxpacket: 32
[  497.338792][ T5967] usb 10-1: no configurations
[  497.371058][ T5967] usb 10-1: can't read configurations, error -22
[  497.576900][ T5967] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  497.790982][ T5967] usb 10-1: Using ep0 maxpacket: 32
[  497.829132][ T5967] usb 10-1: no configurations
[  497.871073][ T5967] usb 10-1: can't read configurations, error -22
[  497.914349][ T5967] usb usb10-port1: attempt power cycle
[  498.043042][T10640] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  498.332916][ T5967] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  498.403803][ T5967] usb 10-1: Using ep0 maxpacket: 32
[  498.416498][ T5967] usb 10-1: no configurations
[  498.450877][ T5967] usb 10-1: can't read configurations, error -22
[  499.401281][ T5967] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  499.451662][ T5967] usb 10-1: Using ep0 maxpacket: 32
[  499.471840][ T5967] usb 10-1: no configurations
[  499.476578][ T5967] usb 10-1: can't read configurations, error -22
[  499.512304][ T5967] usb usb10-port1: unable to enumerate USB device
[  499.705850][T10665] loop7: detected capacity change from 0 to 512
[  499.870251][T10665] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  499.929428][T10665] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  500.059621][T10665] EXT4-fs warning (device loop7): verify_group_input:136: Cannot add at group 0 (only 1 groups)
[  500.259058][ T8010] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  500.357250][T10686] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  500.450446][T10688] syz_tun: entered allmulticast mode
[  501.764075][T10705] loop8: detected capacity change from 0 to 1024
[  501.816272][T10705] EXT4-fs: Ignoring removed oldalloc option
[  501.860974][T10705] EXT4-fs (loop8): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  501.938548][T10705] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  502.306659][ T8037] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  504.377520][T10771] loop9: detected capacity change from 0 to 128
[  504.401515][T10771] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  504.452980][T10771] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  504.520742][T10771] ieee802154 phy0 wpan0: encryption failed: -22
[  505.409497][T10797] loop6: detected capacity change from 0 to 128
[  507.421793][T10817] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  507.864390][T10832] loop7: detected capacity change from 0 to 128
[  507.919088][T10832] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  507.990969][T10832] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  508.085591][T10832] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1506'.
[  508.220646][T10832] batman_adv: batadv0: Adding interface: macvtap1
[  508.256888][T10832] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  508.348372][T10832] batman_adv: batadv0: Not using interface macvtap1 (retrying later): interface not active
[  512.833534][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  512.839899][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  515.646669][T10959] loop2: detected capacity change from 0 to 764
[  517.122329][T10975] loop9: detected capacity change from 0 to 512
[  517.296251][T10975] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  517.435513][T10975] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  517.733801][T10988] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1565'.
[  517.744429][ T9272] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  517.800329][T10956] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1556'.
[  517.980715][   T31] audit: type=1326 audit(1769456768.077:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10990 comm="syz.9.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabc0f9aeb9 code=0x7ffc0000
[  518.056075][   T31] audit: type=1326 audit(1769456768.107:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10990 comm="syz.9.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabc0f9aeb9 code=0x7ffc0000
[  518.197714][   T31] audit: type=1326 audit(1769456768.117:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10990 comm="syz.9.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fabc0f9aeb9 code=0x7ffc0000
[  518.292059][   T31] audit: type=1326 audit(1769456768.117:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10990 comm="syz.9.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabc0f9aeb9 code=0x7ffc0000
[  518.392220][   T31] audit: type=1326 audit(1769456768.117:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10990 comm="syz.9.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabc0f9aeb9 code=0x7ffc0000
[  518.491239][   T31] audit: type=1326 audit(1769456768.127:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10990 comm="syz.9.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fabc0f9aeb9 code=0x7ffc0000
[  518.525659][   T31] audit: type=1326 audit(1769456768.127:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10990 comm="syz.9.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabc0f9aeb9 code=0x7ffc0000
[  518.612402][T11007] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1572'.
[  518.650892][   T31] audit: type=1326 audit(1769456768.127:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10990 comm="syz.9.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabc0f9aeb9 code=0x7ffc0000
[  518.859974][T11012] loop7: detected capacity change from 0 to 1024
[  518.899723][T11012] EXT4-fs: inline encryption not supported
[  518.939693][T11012] EXT4-fs: Ignoring removed oldalloc option
[  518.974446][T11012] EXT4-fs: Ignoring removed mblk_io_submit option
[  519.085078][T11012] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  519.407455][ T8010] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  519.796192][T11045] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  520.099481][T11058] loop7: detected capacity change from 0 to 764
[  521.426679][T11078] program syz.6.1593 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  521.823042][T11089] loop6: detected capacity change from 0 to 2048
[  521.910105][T11089] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  524.091378][T11022] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1303: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  524.256125][ T6666] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.239811][T11129] loop6: detected capacity change from 0 to 764
[  526.820213][T11158] syz_tun: entered allmulticast mode
[  532.278279][T11241] program syz.9.1664 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  532.498379][  T114] kernel write not supported for file /sg0 (pid: 114 comm: kworker/1:2)
[  532.686312][T11251] loop9: detected capacity change from 0 to 1024
[  532.716932][T11251] EXT4-fs: Ignoring removed orlov option
[  532.750621][T11251] EXT4-fs: inline encryption not supported
[  532.841556][T11251] EXT4-fs (loop9): bad geometry: block count 3585 exceeds size of device (512 blocks)
[  532.870570][T11254] random: crng reseeded on system resumption
[  535.189331][T11332] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  535.571597][T11346] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1709'.
[  537.501799][T11385] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  539.021533][T11405] xt_hashlimit: overflow, try lower: 3/0
[  539.661133][T11427] loop2: detected capacity change from 0 to 764
[  539.661285][T11429] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  541.499416][   T31] audit: type=1326 audit(1769456791.597:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11450 comm="syz.7.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  541.570047][   T31] audit: type=1326 audit(1769456791.597:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11450 comm="syz.7.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  541.624343][T11457] program syz.9.1754 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  541.668936][   T31] audit: type=1326 audit(1769456791.627:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11450 comm="syz.7.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  541.800498][   T31] audit: type=1326 audit(1769456791.627:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11450 comm="syz.7.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  541.910543][   T31] audit: type=1326 audit(1769456791.637:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11450 comm="syz.7.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  542.007345][   T31] audit: type=1326 audit(1769456791.637:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11450 comm="syz.7.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  542.117017][   T31] audit: type=1326 audit(1769456791.637:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11450 comm="syz.7.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  542.187872][T11476] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  542.196767][   T31] audit: type=1326 audit(1769456791.637:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11450 comm="syz.7.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  542.299283][   T31] audit: type=1326 audit(1769456791.637:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11450 comm="syz.7.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  542.374422][   T31] audit: type=1326 audit(1769456791.637:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11450 comm="syz.7.1752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  542.580915][T11490] loop9: detected capacity change from 0 to 512
[  542.708320][T11490] EXT4-fs warning (device loop9): ext4_init_metadata_csum:4636: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  542.723115][T11490] EXT4-fs (loop9): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  542.815625][T11493] program syz.8.1772 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  544.394327][ T5835] Bluetooth: hci3: command 0x040f tx timeout
[  545.984780][T11527] loop8: detected capacity change from 0 to 764
[  547.083133][T11504] loop9: detected capacity change from 0 to 2048
[  547.209291][ T6304]  loop9: p1 < > p4
[  547.245784][ T6304] loop9: p4 size 8388608 extends beyond EOD, truncated
[  549.471185][T11504]  loop9: p1 < > p4
[  550.116151][T11504] loop9: p4 size 8388608 extends beyond EOD, truncated
[  550.165615][T11547] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  550.639745][T11555] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  550.709404][T11555] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  550.833432][ T5814] udevd[5814]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory
[  550.834311][ T6303] udevd[6303]: inotify_add_watch(7, /dev/loop9p4, 10) failed: No such file or directory
[  551.042402][ T6304] udevd[6304]: inotify_add_watch(7, /dev/loop9p4, 10) failed: No such file or directory
[  551.047693][ T5814] udevd[5814]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory
[  551.589518][ T5914] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  551.661189][ T5914] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  551.703801][T11578] loop2: detected capacity change from 0 to 2048
[  551.764840][T11578] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  552.037885][T11581] fido_id[11581]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  552.106156][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  552.452425][T11602] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  553.528094][   T31] kauditd_printk_skb: 9 callbacks suppressed
[  553.528122][   T31] audit: type=1326 audit(1769456803.597:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11627 comm="syz.2.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ffaf9aeb9 code=0x7ffc0000
[  553.703816][   T31] audit: type=1326 audit(1769456803.597:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11627 comm="syz.2.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ffaf9aeb9 code=0x7ffc0000
[  554.372129][   T31] audit: type=1326 audit(1769456803.667:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11627 comm="syz.2.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7f3ffaf9aeb9 code=0x7ffc0000
[  554.577473][   T31] audit: type=1326 audit(1769456803.667:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11627 comm="syz.2.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ffaf9aeb9 code=0x7ffc0000
[  554.694174][   T31] audit: type=1326 audit(1769456803.667:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11627 comm="syz.2.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ffaf9aeb9 code=0x7ffc0000
[  555.098036][T11660] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  557.631774][T11724] loop9: detected capacity change from 0 to 8192
[  557.799905][T11733] random: crng reseeded on system resumption
[  557.878947][T11737] loop7: detected capacity change from 0 to 512
[  557.917463][T11737] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  558.579954][T11749] bridge2: entered promiscuous mode
[  558.610433][T11749] bridge2: entered allmulticast mode
[  558.787389][T11753] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  559.979885][T11782] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  559.998360][T11782] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  560.934951][T11798] syz_tun: entered allmulticast mode
[  561.997516][T11813] loop9: detected capacity change from 0 to 8192
[  562.676403][T11823] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1909'.
[  562.688191][T11824] Driver unsupported XDP return value 0 on prog  (id 124) dev N/A, expect packet loss!
[  563.348761][ T5830] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  563.413766][ T5830] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  563.433485][T11847] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  563.467287][T11847] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  563.483541][T11840] loop6: detected capacity change from 0 to 2048
[  563.650050][T11840] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  563.789016][T11858] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1924'.
[  563.858893][T11856] loop2: detected capacity change from 0 to 512
[  563.889837][T11856] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  564.007225][T11852] fido_id[11852]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  564.086018][ T6666] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  564.389436][T11868] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  564.911777][T11887] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1936'.
[  565.453607][  T114] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  565.539863][  T114] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  565.564815][T11898] loop6: detected capacity change from 0 to 2048
[  565.642160][T11907] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1946'.
[  565.735018][T11898] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  566.082122][ T6666] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.391000][T11922] loop7: detected capacity change from 0 to 764
[  567.952272][T11947] random: crng reseeded on system resumption
[  568.036149][T11950] netlink: 4 bytes leftover after parsing attributes in process `syz.9.1963'.
[  569.919956][T11980] loop8: detected capacity change from 0 to 512
[  573.041729][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  573.171072][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  575.184875][T12007] loop2: detected capacity change from 0 to 2048
[  575.262075][T12007] EXT4-fs: Ignoring removed mblk_io_submit option
[  575.418796][T12007] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  575.521984][T12007] ext4 filesystem being mounted at /337/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  575.745933][T12017] EXT4-fs error (device loop2): ext4_validate_block_bitmap:440: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set
[  575.812492][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  575.830050][T12021] loop8: detected capacity change from 0 to 512
[  581.324575][T12070] netlink: 'syz.1.2011': attribute type 8 has an invalid length.
[  581.373732][T12070] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2011'.
[  581.467586][T12070] bond0: entered promiscuous mode
[  581.502030][T12070] bond_slave_0: entered promiscuous mode
[  581.536855][T12070] bond_slave_1: entered promiscuous mode
[  581.573624][T12070] bridge0: entered promiscuous mode
[  581.613558][T12070] gretap0: entered promiscuous mode
[  581.651961][T12070] ip6gretap0: entered promiscuous mode
[  581.713966][T12070] hsr1: entered promiscuous mode
[  582.474293][T12081] loop2: detected capacity change from 0 to 512
[  585.856558][T12107] loop6: detected capacity change from 0 to 512
[  585.933522][T12109] xt_hashlimit: size too large, truncated to 1048576
[  586.109287][T12112] loop7: detected capacity change from 0 to 512
[  586.893396][T12122] loop2: detected capacity change from 0 to 512
[  586.958695][T12122] EXT4-fs: Ignoring removed nobh option
[  587.051001][T12122] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  587.225591][T12122] EXT4-fs (loop2): 1 truncate cleaned up
[  587.325100][T12122] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  587.388661][T12127] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2031'.
[  588.802312][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  589.385899][T12149] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2039'.
[  589.497935][T12152] loop8: detected capacity change from 0 to 512
[  590.074027][T12158] loop2: detected capacity change from 0 to 1024
[  590.086416][T12159] loop9: detected capacity change from 0 to 1024
[  590.173286][T12159] EXT4-fs: Ignoring removed oldalloc option
[  590.184008][T12158] EXT4-fs: Ignoring removed oldalloc option
[  590.246942][T12158] EXT4-fs: Ignoring removed bh option
[  590.269633][T12159] EXT4-fs: Ignoring removed bh option
[  590.393506][T12158] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  590.444999][T12159] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  590.752188][T12159] EXT4-fs error (device loop9): mb_free_blocks:2034: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[  590.856586][T12168] bridge0: port 2(bridge_slave_1) entered disabled state
[  590.906918][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  590.915772][T12175] program syz.7.2050 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  591.403160][ T9272] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  600.575733][T12241] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2077'.
[  602.852338][T12255] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2059'.
[  603.190931][T12257] program syz.6.2066 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  605.115989][T12285] loop9: detected capacity change from 0 to 2048
[  605.836022][T12285] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  605.931501][T12287] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2073'.
[  606.370693][T12289] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2093'.
[  608.778012][   T31] audit: type=1326 audit(1769456858.877:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.6.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  608.914813][   T31] audit: type=1326 audit(1769456858.877:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.6.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  609.100508][   T31] audit: type=1326 audit(1769456858.907:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.6.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  609.223875][   T31] audit: type=1326 audit(1769456858.907:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.6.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  609.323077][T12332] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2109'.
[  609.417621][   T31] audit: type=1326 audit(1769456858.917:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.6.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7faba5799d97 code=0x7ffc0000
[  609.550868][   T31] audit: type=1326 audit(1769456858.917:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.6.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  609.715464][   T31] audit: type=1326 audit(1769456858.917:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.6.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  609.890360][   T31] audit: type=1326 audit(1769456858.917:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.6.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  609.899345][T12339] loop6: detected capacity change from 0 to 1024
[  610.041875][   T31] audit: type=1326 audit(1769456858.917:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.6.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  610.952690][T12339] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  611.107228][   T31] audit: type=1326 audit(1769456858.917:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12322 comm="syz.6.2106" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faba579aeb9 code=0x7ffc0000
[  611.189233][T12339] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4214: comm syz.6.2113: Allocating blocks 417-513 which overlap fs metadata
[  611.263447][T12357] EXT4-fs (loop6): pa ffff88807df1dd98: logic 15984, phys. 113, len 25
[  611.273174][T12357] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5465: group 0, free 19, pa_free 25
[  611.705131][T12365] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2122'.
[  611.802951][ T6666] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  612.661008][T12378] loop9: detected capacity change from 0 to 8
[  613.023314][T12378] unable to read fragment index table
[  613.481092][T12387] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2131'.
[  615.179100][T12425] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2148'.
[  616.839596][T12441] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2153'.
[  617.555353][T12458] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2162'.
[  617.816766][T12467] syzkaller0: entered promiscuous mode
[  617.823452][T12467] syzkaller0: entered allmulticast mode
[  618.068440][T12473] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2170'.
[  618.346697][T12479] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2172'.
[  620.845829][T12509] loop7: detected capacity change from 0 to 256
[  621.250958][T12516] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2189'.
[  622.196225][T12531] program syz.2.2194 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  622.261776][   T31] kauditd_printk_skb: 10 callbacks suppressed
[  622.261804][   T31] audit: type=1326 audit(1769456872.357:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12525 comm="syz.8.2166" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4bbfd9aeb9 code=0x0
[  622.497628][T12535] loop7: detected capacity change from 0 to 512
[  622.545108][T12535] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  622.571062][T12535] ext4 filesystem being mounted at /224/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  622.876658][ T8010] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  623.406122][T12568] loop6: detected capacity change from 0 to 764
[  626.467438][T12642] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2240'.
[  627.476188][T12676] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2254'.
[  627.635950][T12682] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2256'.
[  629.371359][T12688] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2259'.
[  629.526061][T12694] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2263'.
[  630.230571][T12717] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2273'.
[  630.855932][T12727] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2277'.
[  631.991515][T12745] loop7: detected capacity change from 0 to 256
[  632.074296][T12749] loop6: detected capacity change from 0 to 256
[  632.102864][T12749] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  632.228274][T12745] FAT-fs (loop7): Directory bread(block 64) failed
[  632.274813][T12745] FAT-fs (loop7): Directory bread(block 65) failed
[  632.328525][T12745] FAT-fs (loop7): Directory bread(block 66) failed
[  632.365773][T12749] FAT-fs (loop6): Directory bread(block 64) failed
[  632.373481][T12745] FAT-fs (loop7): Directory bread(block 67) failed
[  632.393915][T12749] FAT-fs (loop6): Directory bread(block 65) failed
[  632.403124][T12745] FAT-fs (loop7): Directory bread(block 68) failed
[  632.428914][T12749] FAT-fs (loop6): Directory bread(block 66) failed
[  632.437914][T12745] FAT-fs (loop7): Directory bread(block 69) failed
[  632.467743][T12749] FAT-fs (loop6): Directory bread(block 67) failed
[  632.476770][T12745] FAT-fs (loop7): Directory bread(block 70) failed
[  632.509693][T12745] FAT-fs (loop7): Directory bread(block 71) failed
[  632.517305][T12749] FAT-fs (loop6): Directory bread(block 68) failed
[  632.534358][T12749] FAT-fs (loop6): Directory bread(block 69) failed
[  632.542564][T12745] FAT-fs (loop7): Directory bread(block 72) failed
[  632.569726][T12749] FAT-fs (loop6): Directory bread(block 70) failed
[  632.582998][T12745] FAT-fs (loop7): Directory bread(block 73) failed
[  632.641207][T12749] FAT-fs (loop6): Directory bread(block 71) failed
[  632.652584][T12749] FAT-fs (loop6): Directory bread(block 72) failed
[  632.669067][T12749] FAT-fs (loop6): Directory bread(block 73) failed
[  634.127025][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  634.140955][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  638.020041][T12810] netlink: 'syz.2.2310': attribute type 13 has an invalid length.
[  638.169914][T12805] syzkaller0: entered promiscuous mode
[  638.210297][T12805] syzkaller0: entered allmulticast mode
[  639.002200][T12824] loop9: detected capacity change from 0 to 8
[  639.417249][T12819] loop6: detected capacity change from 0 to 8192
[  639.441898][T12824] unable to read fragment index table
[  639.992200][T12828] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2317'.
[  640.848814][T12841] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  640.883691][T12841] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  642.729575][T12854] loop6: detected capacity change from 0 to 512
[  646.599333][T12865] netlink: 14544 bytes leftover after parsing attributes in process `syz.1.2329'.
[  647.705347][T12887] loop8: detected capacity change from 0 to 512
[  652.769073][T12939] loop2: detected capacity change from 0 to 512
[  652.837121][T12939] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  652.959765][T12939] EXT4-fs (loop2): 1 truncate cleaned up
[  652.984736][T12939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  653.520995][T12951] loop7: detected capacity change from 0 to 2048
[  653.730199][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  653.980830][T12951] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  655.627895][T12955] usb usb8: usbfs: interface 0 claimed by hub while 'syz.2.2363' sets config #3135
[  657.781378][T12975] loop9: detected capacity change from 0 to 8
[  658.096510][T12975] unable to read fragment index table
[  658.431891][T12989] loop6: detected capacity change from 0 to 512
[  658.454436][T12989] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  659.514385][T12999] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2383'.
[  659.535541][T13003] loop8: detected capacity change from 0 to 256
[  659.556876][T13003] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  659.636133][T13003] FAT-fs (loop8): Directory bread(block 64) failed
[  659.657509][T13003] FAT-fs (loop8): Directory bread(block 65) failed
[  659.690372][ T5936] kworker/u8:8: attempt to access beyond end of device
[  659.690372][ T5936] loop6: rw=1, sector=3208, nr_sectors = 40 limit=512
[  659.722062][T13003] FAT-fs (loop8): Directory bread(block 66) failed
[  659.810966][T13003] FAT-fs (loop8): Directory bread(block 67) failed
[  659.818969][T13003] FAT-fs (loop8): Directory bread(block 68) failed
[  660.293601][T13003] FAT-fs (loop8): Directory bread(block 69) failed
[  660.464823][T13003] FAT-fs (loop8): Directory bread(block 70) failed
[  660.510612][T13003] FAT-fs (loop8): Directory bread(block 71) failed
[  660.582658][T13003] FAT-fs (loop8): Directory bread(block 72) failed
[  660.589224][T13003] FAT-fs (loop8): Directory bread(block 73) failed
[  660.817563][T13009] loop9: detected capacity change from 0 to 2048
[  660.877330][T13009] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  663.170519][T13023] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2392'.
[  663.804831][T13042] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  664.834671][T13040] loop2: detected capacity change from 0 to 8
[  665.402544][T13040] unable to read fragment index table
[  667.258537][T13066] loop7: detected capacity change from 0 to 256
[  667.378022][T13066] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  667.696771][T13066] FAT-fs (loop7): Directory bread(block 64) failed
[  667.715771][T13066] FAT-fs (loop7): Directory bread(block 65) failed
[  667.758040][T13066] FAT-fs (loop7): Directory bread(block 66) failed
[  667.778127][T13066] FAT-fs (loop7): Directory bread(block 67) failed
[  667.804978][T13066] FAT-fs (loop7): Directory bread(block 68) failed
[  667.815012][T13066] FAT-fs (loop7): Directory bread(block 69) failed
[  667.829123][T13066] FAT-fs (loop7): Directory bread(block 70) failed
[  667.852359][T13066] FAT-fs (loop7): Directory bread(block 71) failed
[  667.883239][T13066] FAT-fs (loop7): Directory bread(block 72) failed
[  667.910213][T13066] FAT-fs (loop7): Directory bread(block 73) failed
[  668.101045][T13076] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2407'.
[  668.318887][T13080] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2393'.
[  668.492335][T13086] xt_hashlimit: size too large, truncated to 1048576
[  670.267568][T13107] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2418'.
[  670.287155][T13106] usb usb6: usbfs: process 13106 (syz.2.2419) did not claim interface 0 before use
[  670.452269][   T31] audit: type=1800 audit(1769456920.547:510): pid=13103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2416" name="bus" dev="tmpfs" ino=1502 res=0 errno=0
[  670.567437][T13107] bond1: option downdelay: invalid value (18446744073709551615)
[  670.586233][T13115] loop6: detected capacity change from 0 to 2048
[  670.634809][T13115] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  670.680884][T13107] bond1: option downdelay: allowed values 0 - 2147483647
[  670.776649][T13107] bond1 (unregistering): Released all slaves
[  671.592514][T13128] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2424'.
[  671.656519][T13128] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2424'.
[  672.000331][T13131] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2426'.
[  674.010889][   T31] audit: type=1326 audit(1769456924.107:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13149 comm="syz.7.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  674.116044][   T31] audit: type=1326 audit(1769456924.107:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13149 comm="syz.7.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  675.010899][   T31] audit: type=1326 audit(1769456924.147:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13149 comm="syz.7.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa22839c747 code=0x7ffc0000
[  675.049177][   T31] audit: type=1326 audit(1769456924.147:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13149 comm="syz.7.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fa22835b78e code=0x7ffc0000
[  675.090866][   T31] audit: type=1326 audit(1769456924.147:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13149 comm="syz.7.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fa22835b78e code=0x7ffc0000
[  675.176929][   T31] audit: type=1326 audit(1769456924.147:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13149 comm="syz.7.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fa22835b78e code=0x7ffc0000
[  675.321132][   T31] audit: type=1326 audit(1769456924.147:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13149 comm="syz.7.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fa22835b78e code=0x7ffc0000
[  675.417035][   T31] audit: type=1326 audit(1769456924.157:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13149 comm="syz.7.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  675.529750][   T31] audit: type=1326 audit(1769456924.157:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13149 comm="syz.7.2433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa22839aeb9 code=0x7ffc0000
[  677.845839][T13178] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2440'.
[  678.598103][   T24] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  679.324825][   T24] usb 8-1: config 0 has no interfaces?
[  679.345896][   T24] usb 8-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  679.446292][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  679.536238][T13196] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2451'.
[  679.561690][   T24] usb 8-1: config 0 descriptor??
[  679.565954][T13196] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2451'.
[  679.836087][   T24] usb 8-1: USB disconnect, device number 3
[  679.836950][T13200] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2453'.
[  682.637657][T13224] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2462'.
[  682.751759][   T24] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  682.954037][   T24] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  682.986140][T13230] loop8: detected capacity change from 0 to 256
[  682.995583][   T24] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  683.026137][T13230] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  683.055804][   T24] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  683.104763][   T24] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  683.151439][   T24] usb 8-1: SerialNumber: syz
[  683.184817][T13230] FAT-fs (loop8): Directory bread(block 64) failed
[  683.211190][T13230] FAT-fs (loop8): Directory bread(block 65) failed
[  683.237728][T13230] FAT-fs (loop8): Directory bread(block 66) failed
[  683.249800][T13236] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2467'.
[  683.271666][T13230] FAT-fs (loop8): Directory bread(block 67) failed
[  683.289155][T13230] FAT-fs (loop8): Directory bread(block 68) failed
[  683.320904][T13230] FAT-fs (loop8): Directory bread(block 69) failed
[  683.342164][T13230] FAT-fs (loop8): Directory bread(block 70) failed
[  683.358950][T13230] FAT-fs (loop8): Directory bread(block 71) failed
[  683.405031][T13230] FAT-fs (loop8): Directory bread(block 72) failed
[  683.429430][   T24] usb 8-1: 0:2 : does not exist
[  683.435339][T13230] FAT-fs (loop8): Directory bread(block 73) failed
[  683.524674][T13238] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2468'.
[  683.628790][   T24] usb 8-1: USB disconnect, device number 4
[  685.749672][ T5814] udevd[5814]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  685.990912][ T5914] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  688.031233][ T5914] usb 9-1: Using ep0 maxpacket: 32
[  688.038905][ T5914] usb 9-1: config 0 has an invalid interface number: 67 but max is 0
[  688.047419][ T5914] usb 9-1: config 0 has no interface number 0
[  688.056967][ T5914] usb 9-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  688.066595][ T5914] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  688.077926][ T5914] usb 9-1: Product: syz
[  688.082401][ T5914] usb 9-1: Manufacturer: syz
[  688.087010][ T5914] usb 9-1: SerialNumber: syz
[  688.095370][ T5914] usb 9-1: config 0 descriptor??
[  688.111989][ T5914] smsc95xx v2.0.0
[  688.115863][ T5914] smsc95xx 9-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  688.127246][ T5914] smsc95xx 9-1:0.67: probe with driver smsc95xx failed with error -22
[  688.231105][ T5830] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  688.373042][   T24] usb 9-1: USB disconnect, device number 2
[  688.426480][ T5830] usb 7-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  688.438461][ T5830] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  688.472805][ T5830] usb 7-1: config 0 descriptor??
[  689.122716][ T5830] usb 7-1: Cannot set autoneg
[  689.143841][ T5830] MOSCHIP usb-ethernet driver 7-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  689.158747][T13278] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2481'.
[  689.181849][ T5830] usb 7-1: USB disconnect, device number 8
[  689.431582][T13282] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2483'.
[  689.452406][T13282] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2483'.
[  689.473047][T13281] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2484'.
[  689.928144][T13296] tmpfs: Bad value for 'size'
[  690.022328][   T24] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  690.205530][   T24] usb 10-1: too many endpoints for config 0 interface 0 altsetting 3: 65, using maximum allowed: 30
[  690.236820][   T24] usb 10-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[  690.269065][   T24] usb 10-1: config 0 interface 0 has no altsetting 0
[  690.299583][   T24] usb 10-1: New USB device found, idVendor=1b96, idProduct=000c, bcdDevice= 0.00
[  690.342956][   T24] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  690.380171][   T24] usb 10-1: config 0 descriptor??
[  690.437066][T13314] loop2: detected capacity change from 0 to 512
[  693.468363][   T24] ntrig 0003:1B96:000C.000C: unknown main item tag 0x0
[  693.488954][   T24] ntrig 0003:1B96:000C.000C: unknown main item tag 0x0
[  693.552763][   T24] ntrig 0003:1B96:000C.000C: unknown main item tag 0x0
[  693.587692][   T24] ntrig 0003:1B96:000C.000C: unknown main item tag 0x0
[  693.630921][   T24] ntrig 0003:1B96:000C.000C: unknown main item tag 0x0
[  693.651049][T13319] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2496'.
[  693.720953][   T24] ntrig 0003:1B96:000C.000C: hidraw0: USB HID v0.0b Device [HID 1b96:000c] on usb-dummy_hcd.9-1/input0
[  693.770889][   T24] ntrig 0003:1B96:000C.000C: Firmware version: 5.9.4.2.5 (a44a 5d98)
[  693.970194][ T5830] usb 10-1: USB disconnect, device number 6
[  694.290903][   T24] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  694.461060][   T24] usb 3-1: Using ep0 maxpacket: 32
[  694.484356][   T24] usb 3-1: config 2 has an invalid interface number: 88 but max is 0
[  694.501146][   T24] usb 3-1: config 2 has no interface number 0
[  694.517591][   T24] usb 3-1: config 2 interface 88 has no altsetting 0
[  694.535474][   T24] usb 3-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  694.561072][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  694.589068][   T24] usb 3-1: Product: syz
[  694.610818][   T24] usb 3-1: Manufacturer: syz
[  694.615467][   T24] usb 3-1: SerialNumber: syz
[  694.664863][   T24] asix 3-1:2.88: probe with driver asix failed with error -22
[  695.355975][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  695.362863][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  697.147316][   T24] usb 3-1: USB disconnect, device number 14
[  697.631018][T13375] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2516'.
[  698.482254][   T24] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  698.643371][   T24] usb 8-1: config 0 interface 0 altsetting 251 bulk endpoint 0x9 has invalid maxpacket 99
[  698.674604][   T24] usb 8-1: config 0 interface 0 has no altsetting 0
[  698.716204][   T24] usb 8-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  698.742409][   T24] usb 8-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  698.781922][   T24] usb 8-1: Product: syz
[  698.786797][   T24] usb 8-1: Manufacturer: syz
[  698.813990][   T24] usb 8-1: SerialNumber: syz
[  698.835093][   T24] usb 8-1: config 0 descriptor??
[  698.842994][T13388] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  698.895601][   T24] usb 8-1: selecting invalid altsetting 0
[  698.961247][T13401] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2527'.
[  700.997652][ T5830] usb 8-1: USB disconnect, device number 5
[  705.020461][T13442] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  705.032121][T13442] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[  705.042579][T13442] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[  705.050309][T13442] UDF-fs: Scanning with blocksize 512 failed
[  705.065044][T13442] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  705.077701][T13442] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[  705.087475][T13442] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[  705.095308][T13442] UDF-fs: Scanning with blocksize 1024 failed
[  705.107334][T13442] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  705.117634][T13442] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[  705.127417][T13442] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[  705.136146][T13442] UDF-fs: Scanning with blocksize 2048 failed
[  705.145895][T13442] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  705.156160][T13442] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[  705.166780][T13442] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[  705.174623][T13442] UDF-fs: Scanning with blocksize 4096 failed
[  705.181433][T13442] UDF-fs: warning (device loop8): udf_fill_super: No partition found (1)
[  705.943135][T13447] loop8: detected capacity change from 0 to 8
[  705.965390][T13447] unable to read fragment index table
[  707.401109][ T5830] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  708.990864][ T5830] usb 10-1: Using ep0 maxpacket: 32
[  709.003327][ T5830] usb 10-1: config 0 has an invalid interface number: 188 but max is 0
[  709.020950][ T5830] usb 10-1: config 0 has no interface number 0
[  709.031226][ T5830] usb 10-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  709.063644][ T5830] usb 10-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  709.084792][ T5830] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  709.100809][ T5830] usb 10-1: Product: syz
[  709.130852][ T5830] usb 10-1: Manufacturer: syz
[  709.145807][ T5830] usb 10-1: SerialNumber: syz
[  709.198840][ T5830] usb 10-1: config 0 descriptor??
[  709.343634][ T5830] usb 10-1: can't set config #0, error -71
[  709.426388][ T5830] usb 10-1: USB disconnect, device number 7
[  710.259798][T13483] loop2: detected capacity change from 0 to 8
[  710.271558][T13483] unable to read fragment index table
[  714.178303][T13510] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2564'.
[  714.218249][T13510] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2564'.
[  714.929159][T13516] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  716.396539][T13531] netlink: 212408 bytes leftover after parsing attributes in process `syz.6.2571'.
[  717.012233][T13537] netlink: 'syz.7.2574': attribute type 10 has an invalid length.
[  717.108508][T13537] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  717.183320][T13538] 8021q: adding VLAN 0 to HW filter on device bond1
[  717.209529][T13537] bond_slave_0: entered promiscuous mode
[  717.215678][T13537] bond_slave_1: entered promiscuous mode
[  717.221467][T13537] syz_tun: entered promiscuous mode
[  717.228064][T13537] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  717.242875][T13537] bond1: (slave macvlan2): unknown ethtool speed (30000) for port 1 (set it to 0)
[  717.256043][T13537] bond1: (slave macvlan2): speed changed to 0 on port 1
[  717.268033][T13537] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  718.541301][T13545] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2576'.
[  722.275362][T13588] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2592'.
[  726.177125][T13634] loop2: detected capacity change from 0 to 8
[  726.191532][T13634] unable to read fragment index table
[  726.991949][T13643] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2611'.
[  728.610874][T13664] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2617'.
[  728.992552][T13673] loop2: detected capacity change from 0 to 8
[  729.001758][T13673] unable to read fragment index table
[  729.350534][T13684] loop7: detected capacity change from 0 to 2048
[  729.624161][T13684] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  731.251391][T13702] hub 2-0:1.0: USB hub found
[  731.262791][T13702] hub 2-0:1.0: 1 port detected
[  738.621082][ T5830] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  738.841068][ T5830] usb 8-1: Using ep0 maxpacket: 32
[  738.855523][ T5830] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  738.885200][ T5830] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  738.902096][T13727] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2638'.
[  738.916882][ T5830] usb 8-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  739.134302][ T5830] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  739.163427][ T5830] usb 8-1: config 0 descriptor??
[  739.203548][T13729] loop8: detected capacity change from 0 to 2048
[  739.221388][T13729] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  739.608147][ T5830] ft260 0003:0403:6030.000D: unknown main item tag 0x0
[  739.625267][ T5830] ft260 0003:0403:6030.000D: unknown main item tag 0x0
[  739.725390][ T5838] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  739.739671][ T5838] CPU: 0 UID: 0 PID: 5838 Comm: kworker/u9:5 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  739.739734][ T5838] Tainted: [L]=SOFTLOCKUP
[  739.739747][ T5838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[  739.739774][ T5838] Workqueue: hci0 hci_rx_work
[  739.739823][ T5838] Call Trace:
[  739.739834][ T5838]  <TASK>
[  739.739848][ T5838]  dump_stack_lvl+0x100/0x190
[  739.739896][ T5838]  sysfs_warn_dup.cold+0x1c/0x28
[  739.739952][ T5838]  sysfs_create_dir_ns+0x24b/0x2b0
[  739.740002][ T5838]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  739.740048][ T5838]  ? find_held_lock+0x2b/0x80
[  739.740096][ T5838]  ? kobject_add_internal+0x25f/0x930
[  739.740153][ T5838]  ? kobject_add_internal+0x25f/0x930
[  739.740213][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  739.740259][ T5838]  ? do_raw_spin_unlock+0x145/0x1e0
[  739.740306][ T5838]  kobject_add_internal+0x2c8/0x930
[  739.740371][ T5838]  kobject_add+0x16a/0x1e0
[  739.740428][ T5838]  ? __pfx_kobject_add+0x10/0x10
[  739.740481][ T5838]  ? class_to_subsys+0x10f/0x150
[  739.740549][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  739.740599][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  739.740646][ T5838]  ? kobject_put+0xb9/0x640
[  739.740695][ T5838]  ? _raw_spin_unlock+0x28/0x50
[  739.740750][ T5838]  device_add+0x294/0x1950
[  739.740804][ T5838]  ? __pfx_dev_set_name+0x10/0x10
[  739.740866][ T5838]  ? __pfx_device_add+0x10/0x10
[  739.740919][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  739.740966][ T5838]  ? mgmt_send_event_skb+0x2fb/0x460
[  739.741037][ T5838]  hci_conn_add_sysfs+0x1a3/0x260
[  739.741098][ T5838]  le_conn_complete_evt+0x11cb/0x1f40
[  739.741162][ T5838]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  739.741226][ T5838]  hci_le_conn_complete_evt+0x23c/0x3a0
[  739.741280][ T5838]  ? skb_pull_data+0x15f/0x1e0
[  739.741333][ T5838]  hci_le_meta_evt+0x34a/0x5f0
[  739.741388][ T5838]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  739.741448][ T5838]  hci_event_packet+0x682/0x11c0
[  739.741500][ T5838]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  739.741565][ T5838]  ? __pfx_hci_event_packet+0x10/0x10
[  739.741618][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  739.741668][ T5838]  ? kcov_remote_start+0x374/0x660
[  739.741723][ T5838]  ? lockdep_hardirqs_on+0x78/0x100
[  739.741770][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  739.741827][ T5838]  hci_rx_work+0x451/0xfc0
[  739.741886][ T5838]  process_one_work+0x9c2/0x1840
[  739.741948][ T5838]  ? __pfx_process_one_work+0x10/0x10
[  739.741991][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  739.742047][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  739.742091][ T5838]  ? assign_work+0x19c/0x250
[  739.742133][ T5838]  worker_thread+0x5da/0xe40
[  739.742193][ T5838]  ? kthread+0x17d/0x730
[  739.742227][ T5838]  ? __pfx_worker_thread+0x10/0x10
[  739.742265][ T5838]  kthread+0x3b3/0x730
[  739.742304][ T5838]  ? __pfx_kthread+0x10/0x10
[  739.742337][ T5838]  ? ret_from_fork+0x79/0xaf0
[  739.742377][ T5838]  ? ret_from_fork+0x79/0xaf0
[  739.742416][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  739.742462][ T5838]  ? rcu_is_watching+0x12/0xc0
[  739.742511][ T5838]  ? __pfx_kthread+0x10/0x10
[  739.742556][ T5838]  ret_from_fork+0x754/0xaf0
[  739.742598][ T5838]  ? __pfx_ret_from_fork+0x10/0x10
[  739.742639][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  739.742686][ T5838]  ? rcu_is_watching+0x12/0xc0
[  739.742732][ T5838]  ? srso_alias_return_thunk+0x5/0xfbef5
[  739.742778][ T5838]  ? __switch_to+0x7b9/0x10c0
[  739.742831][ T5838]  ? __pfx_kthread+0x10/0x10
[  739.742870][ T5838]  ret_from_fork_asm+0x1a/0x30
[  739.742956][ T5838]  </TASK>
[  740.103528][ T5830] ft260 0003:0403:6030.000D: chip code: 0000 0000
[  740.158084][ T5838] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  740.173108][ T5838] Bluetooth: hci0: failed to register connection device
[  740.324694][ T5830] ft260 0003:0403:6030.000D: failed to retrieve system status
[  740.332767][ T5830] ft260 0003:0403:6030.000D: probe with driver ft260 failed with error -71
[  740.358147][ T5830] usb 8-1: USB disconnect, device number 6
[  741.342684][T13749] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  741.840186][T13762] binder: 13756:13762 ioctl 4018620d 0 returned -22
[  741.936126][T13758] bridge0: port 2(bridge_slave_1) entered disabled state
[  741.943503][T13758] bridge0: port 1(bridge_slave_0) entered disabled state
[  743.031232][ T5830] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  743.169356][T13774] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2653'.
[  743.221337][ T5830] usb 10-1: Using ep0 maxpacket: 32
[  743.253472][ T5830] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  743.290955][ T5830] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  743.317665][ T5830] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  743.336932][ T5830] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  743.374031][ T5830] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  743.435424][ T5830] usb 10-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  743.475645][ T5830] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.506047][ T5830] usb 10-1: Product: syz
[  743.510542][ T5830] usb 10-1: Manufacturer: syz
[  743.552332][ T5830] usb 10-1: SerialNumber: syz
[  743.599273][ T5830] usb 10-1: config 0 descriptor??
[  743.731687][T13785] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  743.744550][T13785] syzkaller0: entered promiscuous mode
[  743.750073][T13785] syzkaller0: entered allmulticast mode
[  743.827936][T13785] tipc: Resetting bearer <eth:syzkaller0>
[  743.853607][T13782] tipc: Resetting bearer <eth:syzkaller0>
[  743.894307][T13782] tipc: Disabling bearer <eth:syzkaller0>
[  743.910923][   T24] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  744.063417][   T24] usb 9-1: Using ep0 maxpacket: 16
[  744.096746][   T24] usb 9-1: config 0 has an invalid interface number: 62 but max is 0
[  744.137210][   T24] usb 9-1: config 0 has no interface number 0
[  744.156658][ T5830] iforce 10-1:0.0: usb_submit_urb failed: -32
[  744.162904][ T5914] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  744.170669][ T5830] input input9: Device does not respond to id packet M
[  744.174116][   T24] usb 9-1: config 0 interface 62 altsetting 0 endpoint 0xF has an invalid bInterval 127, changing to 10
[  744.193505][ T5830] input input9: Device does not respond to id packet P
[  744.308970][   T24] usb 9-1: New USB device found, idVendor=0bfd, idProduct=0124, bcdDevice=f7.f9
[  744.342727][   T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  744.350998][ T5914] usb 3-1: device descriptor read/64, error -71
[  744.598814][   T24] usb 9-1: Product: syz
[  744.604851][   T24] usb 9-1: Manufacturer: syz
[  744.609504][   T24] usb 9-1: SerialNumber: syz
[  744.636961][ T5830] iforce 10-1:0.0: usb_submit_urb failed: -71
[  744.637910][   T24] usb 9-1: config 0 descriptor??
[  744.649668][ T5830] input input9: Device does not respond to id packet B
[  744.653113][   T24] kvaser_usb 9-1:0.62: error -ENODEV: Cannot get usb endpoint(s)
[  744.664874][ T5830] iforce 10-1:0.0: usb_submit_urb failed: -71
[  744.784515][ T5914] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  745.512588][ T5830] input input9: Device does not respond to id packet N
[  745.559349][ T5830] iforce 10-1:0.0: usb_submit_urb failed: -71
[  745.588535][ T5830] iforce 10-1:0.0: usb_submit_urb failed: -71
[  745.604789][  T114] usb 9-1: USB disconnect, device number 3
[  745.642636][ T5914] usb 3-1: device descriptor read/64, error -71
[  745.761361][ T5830] iforce 10-1:0.0: usb_submit_urb failed: -71
[  745.801380][ T5830] iforce 10-1:0.0: usb_submit_urb failed: -71
[  745.881182][ T5914] usb usb3-port1: attempt power cycle
[  745.886999][ T5830] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/input/input9
[  746.031050][ T5830] usb 10-1: USB disconnect, device number 8
[  746.420889][ T5914] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  746.460226][ T5914] usb 3-1: device descriptor read/8, error -71
[  747.442782][ T5914] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  747.529931][ T5914] usb 3-1: device descriptor read/8, error -71
[  747.681169][ T5914] usb usb3-port1: unable to enumerate USB device
[  748.213879][T13814] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2668'.
[  749.682013][  T114] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  749.880798][  T114] usb 10-1: Using ep0 maxpacket: 16
[  749.892422][  T114] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  749.931640][  T114] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  750.000860][  T114] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  750.040907][  T114] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  750.049045][  T114] usb 10-1: Product: syz
[  750.151528][  T114] usb 10-1: Manufacturer: syz
[  750.156246][  T114] usb 10-1: SerialNumber: syz
[  752.001933][  T114] usb 10-1: can't set config #1, error -71
[  752.125967][T13841] lo: Caught tx_queue_len zero misconfig
[  752.145679][  T114] usb 10-1: USB disconnect, device number 9
[  752.175329][T13841] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  753.061143][ T5914] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  753.313304][ T5914] usb 10-1: Using ep0 maxpacket: 32
[  753.364149][ T5914] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  753.392817][ T5914] usb 10-1: config 0 has no interface number 0
[  753.454097][ T5914] usb 10-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  753.530840][ T5914] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  753.570808][ T5914] usb 10-1: Product: syz
[  753.590036][ T5914] usb 10-1: Manufacturer: syz
[  753.619037][ T5914] usb 10-1: SerialNumber: syz
[  753.653854][ T5914] usb 10-1: config 0 descriptor??
[  753.702080][ T5914] usb 10-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  753.749988][ T5914] usb 10-1: selecting invalid altsetting 1
[  753.772299][ T5914] usb 10-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  753.968598][ T5914] usb 10-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  754.803451][ T5914] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  754.831202][ T5914] usb 10-1: media controller created
[  754.905060][ T5914] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  756.985427][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  756.992377][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  757.042454][T13849] usb 10-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  757.433995][ T5914] usb 10-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  757.467964][ T5914] zl10353_read_register: readreg error (reg=127, ret==-32)
[  757.545861][ T5914] usb 10-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  757.863490][ T5914] usb 10-1: USB disconnect, device number 10
[  757.953574][T13883] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  759.584363][T13905] hub 2-0:1.0: USB hub found
[  759.626203][T13905] hub 2-0:1.0: 1 port detected
[  759.880625][T13908] veth3: entered allmulticast mode
[  762.380360][T13944] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  762.602116][  T114] usb 10-1: new full-speed USB device number 11 using dummy_hcd
[  762.793392][T13952] Bluetooth: MGMT ver 1.23
[  762.793685][  T114] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  762.855285][  T114] usb 10-1: config 0 interface 0 has no altsetting 0
[  762.935590][  T114] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  762.962664][  T114] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  762.985561][  T114] usb 10-1: Product: syz
[  763.003882][  T114] usb 10-1: Manufacturer: syz
[  763.023866][  T114] usb 10-1: SerialNumber: syz
[  763.051947][  T114] usb 10-1: config 0 descriptor??
[  763.548822][  T114] usb 10-1: selecting invalid altsetting 0
[  763.803340][  T114] usb 10-1: USB disconnect, device number 11
[  764.064145][ T6303] udevd[6303]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  764.561636][ T5914] usb 8-1: new full-speed USB device number 7 using dummy_hcd
[  765.011864][ T5914] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 52, changing to 4
[  765.046794][T13971] loop9: detected capacity change from 0 to 2048
[  765.058664][T13971] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  765.075145][ T5914] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 13368, setting to 1023
[  765.186160][ T5914] usb 8-1: New USB device found, idVendor=3823, idProduct=0001, bcdDevice= 3.eb
[  765.247153][ T5914] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  765.483719][ T5914] usb 8-1: Product: syz
[  766.477551][ T5914] usb 8-1: Manufacturer: syz
[  766.646081][ T5914] usb 8-1: SerialNumber: syz
[  766.664302][ T5914] usb 8-1: config 0 descriptor??
[  767.652697][ T5914] usbtouchscreen 8-1:0.0: probe with driver usbtouchscreen failed with error -71
[  767.711220][ T5914] usb 8-1: USB disconnect, device number 7
[  768.565336][T13992] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  769.045892][ T5914] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  769.084063][T14003] netlink: 64 bytes leftover after parsing attributes in process `syz.9.2729'.
[  769.232749][ T5914] usb 7-1: Using ep0 maxpacket: 16
[  769.275072][ T5914] usb 7-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  769.364769][ T5914] usb 7-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  769.434903][ T5914] usb 7-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  769.500584][ T5914] usb 7-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  770.264546][ T5914] usb 7-1: config 7 interface 0 has no altsetting 0
[  770.274437][  T114] libceph: connect (1)[c::]:6789 error -101
[  770.287541][ T5914] usb 7-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[  770.292596][  T114] libceph: mon0 (1)[c::]:6789 connect error
[  770.332344][T14013] ceph: No mds server is up or the cluster is laggy
[  770.335926][ T5914] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  770.736939][T14021] hub 2-0:1.0: USB hub found
[  770.754340][T14021] hub 2-0:1.0: 1 port detected
[  770.790659][T14025] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2738'.
[  770.924369][ T5914] input: HID 0458:5010 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:7.0/0003:0458:5010.000E/input/input11
[  771.427360][T14031] hub 2-0:1.0: USB hub found
[  771.434049][T14031] hub 2-0:1.0: 1 port detected
[  772.680811][ T5914] kye 0003:0458:5010.000E: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.6-1/input0
[  776.072432][ T5914] usb 7-1: USB disconnect, device number 9
[  776.730452][T14060] hfs: can't find a HFS filesystem on dev nullb0
[  776.766013][T14060] netlink: 256 bytes leftover after parsing attributes in process `syz.9.2748'.
[  779.191789][  T114] usb 10-1: new low-speed USB device number 12 using dummy_hcd
[  780.932678][  T114] usb 10-1: config index 0 descriptor too short (expected 1307, got 27)
[  780.946618][  T114] usb 10-1: config 0 has an invalid interface number: 0 but max is -1
[  780.956219][  T114] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 0
[  780.965413][  T114] usb 10-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  780.977212][  T114] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  780.988693][  T114] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  780.999128][  T114] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  782.894506][  T114] usb 10-1: string descriptor 0 read error: -71
[  782.920902][  T114] usb 10-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  782.972576][  T114] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  783.022577][  T114] usb 10-1: config 0 descriptor??
[  783.051682][  T114] usb 10-1: can't set config #0, error -71
[  783.100511][  T114] usb 10-1: USB disconnect, device number 12
[  783.487813][T14097] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  784.150594][T14111] loop9: detected capacity change from 0 to 2048
[  784.218448][T14111] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  784.818256][T14113] loop7: detected capacity change from 0 to 512
[  787.993493][   T52] Bluetooth: hci1: command 0x0406 tx timeout
[  788.128308][T14140] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2761'.
[  788.176733][T14140] random: crng reseeded on system resumption
[  788.933712][T14149] binder_alloc: 14148: binder_alloc_buf, no vma
[  791.576149][T14171] loop2: detected capacity change from 0 to 2048
[  792.400619][T14171] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  793.421391][T14180] ip6tnl0: Caught tx_queue_len zero misconfig
[  799.941793][T14208] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2795'.
[  801.659018][   T52] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  801.671772][   T52] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  801.681328][   T52] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  801.723497][   T52] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  801.731593][   T52] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  804.279541][   T52] Bluetooth: hci4: command tx timeout
[  804.980999][T14233] 8021q: adding VLAN 0 to HW filter on device batadv1
[  805.021771][T14233] team0: Port device batadv1 added
[  805.713370][T10917] syz_tun (unregistering): left allmulticast mode
[  806.312402][   T52] Bluetooth: hci4: command tx timeout
[  806.510281][   T37] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  806.731954][T14216] chnl_net:caif_netlink_parms(): no params data found
[  807.476372][   T37] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  808.420038][   T52] Bluetooth: hci4: command tx timeout
[  808.559428][   T37] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  809.523137][T14267] netlink: 36 bytes leftover after parsing attributes in process `syz.9.2809'.
[  809.557155][   T37] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  809.649964][T14216] bridge0: port 1(bridge_slave_0) entered blocking state
[  809.819544][T14216] bridge0: port 1(bridge_slave_0) entered disabled state
[  809.860103][T14216] bridge_slave_0: entered allmulticast mode
[  809.978639][T14216] bridge_slave_0: entered promiscuous mode
[  810.052343][T14274] netlink: 64 bytes leftover after parsing attributes in process `syz.2.2811'.
[  810.466538][T14216] bridge0: port 2(bridge_slave_1) entered blocking state
[  810.482479][   T52] Bluetooth: hci4: command tx timeout
[  810.547827][T14281] netlink: 'syz.2.2814': attribute type 10 has an invalid length.
[  810.618932][T14216] bridge0: port 2(bridge_slave_1) entered disabled state
[  810.743644][T14216] bridge_slave_1: entered allmulticast mode
[  811.162677][T14216] bridge_slave_1: entered promiscuous mode
[  811.351864][T14281] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  811.500357][T14282] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  813.551160][T14216] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  813.719622][T14216] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  816.194526][T14216] team0: Port device team_slave_0 added
[  816.403949][T14216] team0: Port device team_slave_1 added
[  816.632341][T14315] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2825'.
[  816.736810][   T37] bridge_slave_1: left promiscuous mode
[  816.839817][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  817.023070][   T37] bridge_slave_0: left allmulticast mode
[  817.028743][   T37] bridge_slave_0: left promiscuous mode
[  817.061395][T14318] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2826'.
[  817.103799][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  818.261176][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  818.267488][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  818.426745][T14332] loop8: detected capacity change from 0 to 512
[  819.453377][T14340] netlink: 'syz.1.2832': attribute type 10 has an invalid length.
[  819.761065][T14345] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  820.971215][T14350] hub 2-0:1.0: USB hub found
[  820.982390][T14350] hub 2-0:1.0: 1 port detected
[  823.123751][T14359] rdma_rxe: rxe_newlink: failed to add vxcan1
[  823.157218][   T31] audit: type=1326 audit(1769457073.237:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14353 comm="syz.8.2834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bbfd9aeb9 code=0x7ffc0000
[  823.870917][   T31] audit: type=1326 audit(1769457073.247:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14353 comm="syz.8.2834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f4bbfd9aeb9 code=0x7ffc0000
[  823.975130][   T31] audit: type=1326 audit(1769457073.247:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14353 comm="syz.8.2834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bbfd9aeb9 code=0x7ffc0000
[  824.028490][   T31] audit: type=1326 audit(1769457073.247:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14353 comm="syz.8.2834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f4bbfd9aeb9 code=0x7ffc0000
[  824.064620][   T31] audit: type=1326 audit(1769457073.257:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14353 comm="syz.8.2834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bbfd9aeb9 code=0x7ffc0000
[  824.096857][   T31] audit: type=1326 audit(1769457073.257:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14353 comm="syz.8.2834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bbfd9aeb9 code=0x7ffc0000
[  824.516346][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  824.562517][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  824.606728][   T37] bond0 (unregistering): Released all slaves
[  824.652295][T14216] batman_adv: batadv0: Adding interface: batadv_slave_0
[  824.659289][T14216] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  824.793431][T14216] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  824.858396][T14216] batman_adv: batadv0: Adding interface: batadv_slave_1
[  824.900751][T14216] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  825.022751][T14216] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  827.091815][T14340] bridge0: port 3(syz_tun) entered disabled state
[  827.099302][T14340] syz_tun: left promiscuous mode
[  827.537033][T14340] bridge0: port 3(syz_tun) entered disabled state
[  827.697716][T14340] syz_tun: entered promiscuous mode
[  827.738033][T14340] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  827.828608][T14343] bond1: option mode: unable to set because the bond device is up
[  827.959809][   T37] tipc: Left network mode
[  828.179888][T14379] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  828.190949][T14379] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  828.200590][T14379] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  828.209817][T14379] UDF-fs: Scanning with blocksize 512 failed
[  828.221879][T14379] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  828.233717][T14379] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  828.243953][T14379] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  828.251995][T14379] UDF-fs: Scanning with blocksize 1024 failed
[  828.271599][T14379] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  828.281909][T14379] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  828.293133][T14379] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  828.300892][T14379] UDF-fs: Scanning with blocksize 2048 failed
[  828.310114][T14379] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  828.320389][T14379] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  828.331693][T14379] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  828.339459][T14379] UDF-fs: Scanning with blocksize 4096 failed
[  828.345686][T14379] UDF-fs: warning (device loop2): udf_fill_super: No partition found (1)
[  835.793262][T14216] hsr_slave_0: entered promiscuous mode
[  836.466117][T14216] hsr_slave_1: entered promiscuous mode
[  837.031345][T14411] netlink: 'syz.9.2853': attribute type 10 has an invalid length.
[  837.438095][T14411] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  838.425448][T14416] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  839.336973][T14447] loop2: detected capacity change from 0 to 2048
[  840.073444][T14447] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  840.573836][T14453] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input12
[  840.649017][   T37] hsr_slave_0: left promiscuous mode
[  840.717422][   T37] hsr_slave_1: left promiscuous mode
[  840.783258][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  840.842701][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[  840.914237][T14459] loop2: detected capacity change from 0 to 512
[  840.953791][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  840.996726][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[  843.797504][T14470] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2868'.
[  844.716092][   T37] veth1_macvtap: left promiscuous mode
[  844.742188][   T37] veth0_macvtap: left promiscuous mode
[  844.815823][   T37] veth1_vlan: left promiscuous mode
[  844.868509][   T37] veth0_vlan: left promiscuous mode
[  844.949217][T14478] netlink: 'syz.9.2871': attribute type 10 has an invalid length.
[  847.268602][T14500] loop2: detected capacity change from 0 to 2048
[  847.880301][T14500] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  848.350035][T14503] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2877'.
[  851.030523][   T37] team0 (unregistering): Port device team_slave_1 removed
[  851.133556][   T37] team0 (unregistering): Port device team_slave_0 removed
[  852.078986][T14470] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2868'.
[  852.084189][T14482] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  852.102209][T14501] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2875'.
[  853.858984][T14542] netlink: 56 bytes leftover after parsing attributes in process `syz.8.2888'.
[  856.153071][T14557] netlink: 'syz.7.2893': attribute type 10 has an invalid length.
[  857.594212][T14563] bond1: option mode: unable to set because the bond device has slaves
[  857.624265][T14565] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2895'.
[  858.510221][T14591] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2899'.
[  859.055914][T14216] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  862.568801][ T5838] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  862.584045][ T5838] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  862.599528][ T5838] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  862.609094][ T5838] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  862.621010][ T5838] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  863.107755][T14639] netlink: 'syz.7.2908': attribute type 10 has an invalid length.
[  863.184673][T14641] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2909'.
[  863.285366][T14639] bond1: (slave macvlan3): Error -98 calling set_mac_address
[  864.434898][T14659] hub 2-0:1.0: USB hub found
[  864.440843][T14659] hub 2-0:1.0: 1 port detected
[  865.476513][ T5838] Bluetooth: hci5: command tx timeout
[  867.562364][ T5838] Bluetooth: hci5: command tx timeout
[  867.962996][T14629] chnl_net:caif_netlink_parms(): no params data found
[  868.731078][T14455] INFO: trying to register non-static key.
[  868.736927][T14455] The code is fine but needs lockdep annotation, or maybe
[  868.744032][T14455] you didn't initialize this object before use?
[  868.750267][T14455] turning off the locking correctness validator.
[  868.756608][T14455] CPU: 0 UID: 0 PID: 14455 Comm: khidpd_00020006 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  868.756666][T14455] Tainted: [L]=SOFTLOCKUP
[  868.756679][T14455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[  868.756702][T14455] Call Trace:
[  868.756713][T14455]  <TASK>
[  868.756726][T14455]  dump_stack_lvl+0x100/0x190
[  868.756776][T14455]  register_lock_class+0x549/0x560
[  868.756840][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  868.756887][T14455]  ? rcu_is_watching+0x12/0xc0
[  868.756933][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  868.756979][T14455]  ? trace_sched_exit_tp+0xcd/0x100
[  868.757040][T14455]  __lock_acquire+0x3cb/0x2630
[  868.757103][T14455]  ? irqentry_exit+0x180/0x670
[  868.757156][T14455]  lock_acquire+0x17c/0x330
[  868.757214][T14455]  ? __mutex_lock+0xcc7/0x1b90
[  868.757264][T14455]  ? schedule+0x2bf/0x390
[  868.757311][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  868.757363][T14455]  _raw_spin_lock_irqsave+0x3a/0x60
[  868.757403][T14455]  ? __mutex_lock+0xcc7/0x1b90
[  868.757452][T14455]  __mutex_lock+0xcc7/0x1b90
[  868.757499][T14455]  ? __pfx_debug_object_deactivate+0x10/0x10
[  868.757550][T14455]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  868.757591][T14455]  ? l2cap_unregister_user+0x71/0x240
[  868.757660][T14455]  ? __pfx___mutex_lock+0x10/0x10
[  868.757708][T14455]  ? __try_to_del_timer_sync+0x107/0x160
[  868.757763][T14455]  ? __try_to_del_timer_sync+0x107/0x160
[  868.757819][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  868.757865][T14455]  ? rcu_is_watching+0x12/0xc0
[  868.757910][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  868.757956][T14455]  ? lockdep_hardirqs_on+0x78/0x100
[  868.758004][T14455]  ? __try_to_del_timer_sync+0x107/0x160
[  868.758059][T14455]  ? __pfx___try_to_del_timer_sync+0x10/0x10
[  868.758117][T14455]  ? __timer_delete_sync+0x151/0x1c0
[  868.758175][T14455]  ? l2cap_unregister_user+0x71/0x240
[  868.758237][T14455]  l2cap_unregister_user+0x71/0x240
[  868.758308][T14455]  hidp_session_thread+0x459/0x680
[  868.758359][T14455]  ? __pfx_hidp_session_thread+0x10/0x10
[  868.758408][T14455]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  868.758455][T14455]  ? __kthread_parkme+0xbb/0x230
[  868.758509][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  868.758555][T14455]  ? rcu_is_watching+0x12/0xc0
[  868.758601][T14455]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  868.758647][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  868.758694][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  868.758740][T14455]  ? __kthread_parkme+0x18c/0x230
[  868.758797][T14455]  ? __pfx_hidp_session_thread+0x10/0x10
[  868.758845][T14455]  kthread+0x3b3/0x730
[  868.758882][T14455]  ? __pfx_kthread+0x10/0x10
[  868.758915][T14455]  ? ret_from_fork+0x79/0xaf0
[  868.758954][T14455]  ? ret_from_fork+0x79/0xaf0
[  868.758991][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  868.759038][T14455]  ? rcu_is_watching+0x12/0xc0
[  868.759084][T14455]  ? __pfx_kthread+0x10/0x10
[  868.759120][T14455]  ret_from_fork+0x754/0xaf0
[  868.759161][T14455]  ? __pfx_ret_from_fork+0x10/0x10
[  868.759202][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  868.759248][T14455]  ? __switch_to+0x7b9/0x10c0
[  868.759303][T14455]  ? __pfx_kthread+0x10/0x10
[  868.759339][T14455]  ret_from_fork_asm+0x1a/0x30
[  868.759411][T14455]  </TASK>
[  869.073068][T14455]  non-slab/vmalloc memory
[  869.077492][T14455] list_del corruption. prev->next should be ffffc9000eab7be0, but was ffff8880361840a8. (prev=ffff8880361840a8)
[  869.090122][T14455] ------------[ cut here ]------------
[  869.095569][T14455] kernel BUG at lib/list_debug.c:62!
[  869.100851][T14455] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[  869.107264][T14455] CPU: 0 UID: 0 PID: 14455 Comm: khidpd_00020006 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  869.118646][T14455] Tainted: [L]=SOFTLOCKUP
[  869.122970][T14455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[  869.133016][T14455] RIP: 0010:__list_del_entry_valid_or_report+0x14a/0x1d0
[  869.140046][T14455] Code: 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 8d 00 00 00 48 8b 55 00 48 89 e9 48 89 de 48 c7 c7 c0 37 fa 8b e8 77 45 34 fc 90 <0f> 0b 4c 89 e7 e8 3c 9b 5d fd 48 89 ea 48 b8 00 00 00 00 00 fc ff
[  869.159655][T14455] RSP: 0018:ffffc9000eab7ab0 EFLAGS: 00010086
[  869.165721][T14455] RAX: 000000000000006d RBX: ffffc9000eab7be0 RCX: 0000000000000000
[  869.173684][T14455] RDX: 000000000000006d RSI: ffffffff81e5b6c9 RDI: fffff52001d56f47
[  869.181651][T14455] RBP: ffff8880361840a8 R08: 0000000000000005 R09: 0000000000000000
[  869.189646][T14455] R10: 0000000000000002 R11: 6c65645f7473696c R12: ffff8880361840a8
[  869.197611][T14455] R13: 0000000000000246 R14: ffffc9000eab7be0 R15: ffff888036610000
[  869.205576][T14455] FS:  0000000000000000(0000) GS:ffff8881245dc000(0000) knlGS:0000000000000000
[  869.214502][T14455] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  869.221086][T14455] CR2: 00007f8d03dde1b4 CR3: 000000005ddf6000 CR4: 0000000000350ef0
[  869.229068][T14455] Call Trace:
[  869.232372][T14455]  <TASK>
[  869.235368][T14455]  __mutex_remove_waiter+0x1a/0x1a0
[  869.240570][T14455]  ? __mutex_lock+0x7ca/0x1b90
[  869.245337][T14455]  __mutex_lock+0x828/0x1b90
[  869.249929][T14455]  ? __pfx_debug_object_deactivate+0x10/0x10
[  869.255911][T14455]  ? l2cap_unregister_user+0x71/0x240
[  869.261301][T14455]  ? __pfx___mutex_lock+0x10/0x10
[  869.266340][T14455]  ? __try_to_del_timer_sync+0x107/0x160
[  869.271983][T14455]  ? __try_to_del_timer_sync+0x107/0x160
[  869.277620][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  869.283252][T14455]  ? rcu_is_watching+0x12/0xc0
[  869.288018][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  869.293650][T14455]  ? lockdep_hardirqs_on+0x78/0x100
[  869.298864][T14455]  ? __try_to_del_timer_sync+0x107/0x160
[  869.304503][T14455]  ? __pfx___try_to_del_timer_sync+0x10/0x10
[  869.310500][T14455]  ? __timer_delete_sync+0x151/0x1c0
[  869.315797][T14455]  ? l2cap_unregister_user+0x71/0x240
[  869.321188][T14455]  l2cap_unregister_user+0x71/0x240
[  869.326426][T14455]  hidp_session_thread+0x459/0x680
[  869.331544][T14455]  ? __pfx_hidp_session_thread+0x10/0x10
[  869.337206][T14455]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  869.343446][T14455]  ? __kthread_parkme+0xbb/0x230
[  869.348389][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  869.354021][T14455]  ? rcu_is_watching+0x12/0xc0
[  869.358804][T14455]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  869.365047][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  869.370685][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  869.376327][T14455]  ? __kthread_parkme+0x18c/0x230
[  869.381364][T14455]  ? __pfx_hidp_session_thread+0x10/0x10
[  869.387015][T14455]  kthread+0x3b3/0x730
[  869.391079][T14455]  ? __pfx_kthread+0x10/0x10
[  869.395659][T14455]  ? ret_from_fork+0x79/0xaf0
[  869.400335][T14455]  ? ret_from_fork+0x79/0xaf0
[  869.405001][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  869.410632][T14455]  ? rcu_is_watching+0x12/0xc0
[  869.415411][T14455]  ? __pfx_kthread+0x10/0x10
[  869.419994][T14455]  ret_from_fork+0x754/0xaf0
[  869.424581][T14455]  ? __pfx_ret_from_fork+0x10/0x10
[  869.429688][T14455]  ? srso_alias_return_thunk+0x5/0xfbef5
[  869.435322][T14455]  ? __switch_to+0x7b9/0x10c0
[  869.440003][T14455]  ? __pfx_kthread+0x10/0x10
[  869.444586][T14455]  ret_from_fork_asm+0x1a/0x30
[  869.449368][T14455]  </TASK>
[  869.452371][T14455] Modules linked in:
[  869.456439][T14455] ---[ end trace 0000000000000000 ]---
[  869.461883][T14455] RIP: 0010:__list_del_entry_valid_or_report+0x14a/0x1d0
[  869.468914][T14455] Code: 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 8d 00 00 00 48 8b 55 00 48 89 e9 48 89 de 48 c7 c7 c0 37 fa 8b e8 77 45 34 fc 90 <0f> 0b 4c 89 e7 e8 3c 9b 5d fd 48 89 ea 48 b8 00 00 00 00 00 fc ff
[  869.488514][T14455] RSP: 0018:ffffc9000eab7ab0 EFLAGS: 00010086
[  869.494578][T14455] RAX: 000000000000006d RBX: ffffc9000eab7be0 RCX: 0000000000000000
[  869.502535][T14455] RDX: 000000000000006d RSI: ffffffff81e5b6c9 RDI: fffff52001d56f47
[  869.510501][T14455] RBP: ffff8880361840a8 R08: 0000000000000005 R09: 0000000000000000
[  869.518467][T14455] R10: 0000000000000002 R11: 6c65645f7473696c R12: ffff8880361840a8
[  869.526432][T14455] R13: 0000000000000246 R14: ffffc9000eab7be0 R15: ffff888036610000
[  869.534395][T14455] FS:  0000000000000000(0000) GS:ffff8881245dc000(0000) knlGS:0000000000000000
[  869.543344][T14455] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  869.549915][T14455] CR2: 00007f8d03dde1b4 CR3: 000000005ddf6000 CR4: 0000000000350ef0
[  869.557902][T14455] Kernel panic - not syncing: Fatal exception
[  869.564221][T14455] Kernel Offset: disabled
[  869.568538][T14455] Rebooting in 86400 seconds..