last executing test programs:

8m38.85230892s ago: executing program 3 (id=4004):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x5c, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
r3 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x6e24, @empty}, 0x10)
r4 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e24, @local}, 0x10)
close(r4)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x900, 0x4064}, [@IFLA_GROUP={0x8}, @IFLA_OPERSTATE={0x5, 0x10, 0x4}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0xfffffffc, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0x12}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x400c800}, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)={0xc0, 0x0, 0x10, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0xac, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x98}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x9c, 0x3, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '%(,\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffa}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xa}]}, {0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '\'\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '/\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '.!:\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x20000080}, 0x20000040)

8m38.141514942s ago: executing program 3 (id=4021):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr, 0x8}, 0x1c)

8m37.228371614s ago: executing program 3 (id=4043):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x40000, 0x0, 0x6, 0x1}})

8m37.124677425s ago: executing program 3 (id=4046):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
socketpair(0x1, 0x800, 0x10600007, &(0x7f00000000c0))

8m37.014244296s ago: executing program 3 (id=4051):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'})

8m36.076482251s ago: executing program 3 (id=4074):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000023000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d0000009700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000000000639100000000000000000000ff7f0000292f17cee19d0001000000000000000000cb04fcbb0ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4852f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d053bdec75dca3772be2c9d2d29db3d36dd01797bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1b1b71b5f7ec6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc972a3fd2c46f3c1cde71a19d1a2982492aba0883783d2831210e00d2bfea3bf97ff8836d000000000000946bdb747e416b3064edb4f5aea06eba207ddab9f9baf98bc5192f23d95d33357fc55f92e5937e10995059f3348f69667b9260d504ba96446e1437af6fa875d9d32fdaaae01e6c74f192a23572ef582b7dd867c163c8cedaa2a2c5baceb37d4a40244c9bdca541cc7e65e20f5b5b735e2f33df9bd0614431d7dc5e47bb31c5b827d51733b64ddad4de1cdadce076d19d62e821b435619fb89fc07f81938200b4ebce83db57a6f5e9b1c2cf4b6ee90772d4865bf448d200e5c4e1e044d3587498128273b65670c02ff5c3c3ca633c41324fdc09e0b2621087db26bb0553612f2be27579ede2344a809e6b27d0044f2337895323357caddb54642dac82ae25deb08e111e0b9fa133c9da85dc50c3454ee0ff915331bd7f32f96fb55c7990334b1a1bc4d5d817b82f9fc278cc4858fbfa4d0f32a863c1ce050caddc5ca3b10c3e63daebba039e9f80fdef113a145ace522e8379474aa8849dcc2501df3ffcb02d29d55a1a2cbe00e836db0e6b0a7ffd680dbcf7b982a956998df3dce0e9091a4d736db69038061e"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000100), 0x237}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xe, 0x20000000000001df, 0x0, 0x0, 0x7, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffefc, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000007c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x1f00, 0x18, 0x19, &(0x7f00000007c0)="9f44948721919580684010a40566", 0x0, 0x7ff, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39", &(0x7f0000000380)="8c5911c525f5cf4c4ecf207ad2ec", 0x0, 0x0, 0xffffffff}, 0x23)

8m21.002244711s ago: executing program 32 (id=4074):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000023000000bfa30000000000000703000000feffff7a0af0ff0000000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000001007d60b7030000010000006a0a00fe00000000850000000d0000009700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000000000639100000000000000000000ff7f0000292f17cee19d0001000000000000000000cb04fcbb0ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4852f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5d053bdec75dca3772be2c9d2d29db3d36dd01797bd3f15aa6aadbeab2a01685108e61aa000000000000000000000000008b798b4f7458d1863cc67d4c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f1b1b71b5f7ec6edc76609073909826151e2b42bf0ed0c8cef3ba2a730a00c87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc972a3fd2c46f3c1cde71a19d1a2982492aba0883783d2831210e00d2bfea3bf97ff8836d000000000000946bdb747e416b3064edb4f5aea06eba207ddab9f9baf98bc5192f23d95d33357fc55f92e5937e10995059f3348f69667b9260d504ba96446e1437af6fa875d9d32fdaaae01e6c74f192a23572ef582b7dd867c163c8cedaa2a2c5baceb37d4a40244c9bdca541cc7e65e20f5b5b735e2f33df9bd0614431d7dc5e47bb31c5b827d51733b64ddad4de1cdadce076d19d62e821b435619fb89fc07f81938200b4ebce83db57a6f5e9b1c2cf4b6ee90772d4865bf448d200e5c4e1e044d3587498128273b65670c02ff5c3c3ca633c41324fdc09e0b2621087db26bb0553612f2be27579ede2344a809e6b27d0044f2337895323357caddb54642dac82ae25deb08e111e0b9fa133c9da85dc50c3454ee0ff915331bd7f32f96fb55c7990334b1a1bc4d5d817b82f9fc278cc4858fbfa4d0f32a863c1ce050caddc5ca3b10c3e63daebba039e9f80fdef113a145ace522e8379474aa8849dcc2501df3ffcb02d29d55a1a2cbe00e836db0e6b0a7ffd680dbcf7b982a956998df3dce0e9091a4d736db69038061e"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000100), 0x237}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xe, 0x20000000000001df, 0x0, 0x0, 0x7, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffefc, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000007c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r3, 0x1f00, 0x18, 0x19, &(0x7f00000007c0)="9f44948721919580684010a40566", 0x0, 0x7ff, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39", &(0x7f0000000380)="8c5911c525f5cf4c4ecf207ad2ec", 0x0, 0x0, 0xffffffff}, 0x23)

3m54.715439028s ago: executing program 0 (id=8225):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_int(r3, 0x29, 0xcf, 0x0, 0x0)

3m54.559779614s ago: executing program 0 (id=8230):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x20)

3m54.421996758s ago: executing program 0 (id=8238):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
fstat(r3, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setreuid(0x0, r4)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)

3m54.267980703s ago: executing program 0 (id=8243):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r2, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

3m54.130205997s ago: executing program 0 (id=8248):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x1, 0x2, 0x3, 0x4}, 0x2, 0x1, 0xf3975d56, 0x0, 0x7ff, 0xd, 0x19, 0xe, 0x1, 0x2, {0x2, 0x0, 0x5, 0x8001, 0xff, 0x36}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4008000)
r4 = socket$packet(0x11, 0x2, 0x300)
sendto$packet(r4, 0x0, 0x0, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r3, 0x1, 0xd8, 0x6, @broadcast}, 0x14)

3m53.51109677s ago: executing program 0 (id=8268):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x1, 0x0, 0x7ffffffb}]})
mlockall(0x7)

3m53.354668865s ago: executing program 33 (id=8268):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x1, 0x0, 0x7ffffffb}]})
mlockall(0x7)

3m17.842718857s ago: executing program 4 (id=8779):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX])

3m17.691618422s ago: executing program 4 (id=8782):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000540)="dca65ae67d358391da936a3aaf75e930af885e86d0990679f620fd39973fba3b18a9dff9cdc454a865d5632a7a1d8980356f00fdcceb64e79e131aace82a7c1f26666916cd503ddab20d313e0c80cd3c943f119141f79f0fc7c1b631885c2b0dfc20b025f6781155f31a0bceb94e1042988e47e25684a3fb5f678b7c6b80c275321e1cf66254e817e83f1f1fa3802b80c6c256007fcc7ad1216b0e633f3cf7b65e1c1415992780292a40d01e541501f9bb48cd315b7a7da99856f00d97a39a0c13e0b7a38b03797f1185f6ca85b9b5912ea6977ac701800bae687292a9f3e818ec34306e7f1830e9fb76b91a007dade4941419ce09bd98b9f3dee9763d166bbd645f97868ed9da861cba65e6104806c9aa97308aaebbef2645b3014a157cb013e0884cd6a0bb84ac74c660f06403a756e53f80028dc87f2666cde6b068022ceaef522576b22a3b020d313f2036a9bb3e34e8d5ad29649680df5b87f8597f9a4b6cb70d230178e79a434b7b4ec2f708d9100b57766a68482e6e1deeac8475faac69c62a9f805b5059e540f433c859e1cca11afbff9c9666205a0a8a2acae36c7ef4ea28b2242a0f9ee3fa6610764d05f54bebad7e9d0178b6d839927bc466bd44521fca214d2f8f81c05524edef23eb0c7a61bcddeeeed8f9e7e6427b038dda8e3f122c7c7b867f2a3b0d6c8482bc374eea80a689a241221b2844cd006ca5a1890cea188055c4cafbc4af3f643f391a22ce10eb2d9be9f76b2ea817fded6f04669408e7b886ecb858091e6223e1a12232d7bcfe93ac45371061e5a4b4f05a5318e1294206a490c1", 0x247}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r2, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
sendmsg$netlink(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000780)=ANY=[@ANYBLOB="1c0000005e00"], 0x1c}], 0x1}, 0x0)

3m17.505190121s ago: executing program 4 (id=8786):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r2, &(0x7f0000000a00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)=ANY=[], 0x1b0}}], 0x1, 0x4)
r3 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r3, &(0x7f0000000480), 0x2e9, 0xffe0)

3m17.356059266s ago: executing program 4 (id=8789):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2}, 0x0)

3m17.175563984s ago: executing program 4 (id=8792):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x200000, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='proc\x00', 0x0, 0x0)
setpgid(0x0, r0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)

3m16.853349897s ago: executing program 4 (id=8798):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r0, 0x0, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4040041)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000a00), 0x100, 0x0)

3m1.788821174s ago: executing program 34 (id=8798):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r0, 0x0, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4040041)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000a00), 0x100, 0x0)

5.485029278s ago: executing program 2 (id=11313):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
socket$vsock_stream(0x28, 0x1, 0x0)

5.222300045s ago: executing program 2 (id=11317):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40004)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
syz_clone3(&(0x7f0000000140)={0xa08ca000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

5.061256441s ago: executing program 2 (id=11318):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
unshare(0x60000600)

3.992818868s ago: executing program 2 (id=11335):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
write(r0, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000027c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000800)=[@rights={{0x18, 0x1, 0x1, [r3, 0xffffffffffffffff]}}], 0x18, 0x20000001}}], 0x1, 0x0)

3.992164028s ago: executing program 6 (id=11323):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
prlimit64(0x0, 0xb, &(0x7f0000000000), 0x0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0)
fcntl$setsig(r2, 0xa, 0x21)
fcntl$setlease(r2, 0x400, 0x1)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x146)

3.991948789s ago: executing program 1 (id=11324):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={0x0, 0x44}}, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r6}]}, 0x20}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv6_newrule={0x24, 0x18, 0x409, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FIB_RULE_POLICY=@FRA_GOTO={0x8, 0x1e, 0x1}]}, 0x24}}, 0x80)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x6c, 0x10, 0x437, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x4c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x38, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @IFLA_GRE_REMOTE={0x14, 0x7, @private2}, @IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_LINK={0x8, 0x1, r6}]}}}]}, 0x6c}}, 0x0)

3.830063915s ago: executing program 1 (id=11325):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014)
renameat2(0xffffffffffffffff, &(0x7f0000000380)='.\x00', 0xffffffffffffffff, &(0x7f00000003c0)='./file0\x00', 0x2)

3.659829522s ago: executing program 7 (id=11328):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0xc, 0x54404d0a08a4d8, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0)

3.659087552s ago: executing program 1 (id=11340):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r0, 0x0, 0x0)
r3 = fsopen(&(0x7f0000000280)='configfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x2)
mknodat$loop(r4, &(0x7f00000001c0)='./file0\x00', 0x2, 0x0)

3.070686341s ago: executing program 6 (id=11329):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
write(r3, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000680)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x493, &(0x7f0000000740)="$eJzs3MtrXFUYAPDv3jza2kdirY/WqtEiBB9Jk1btwo2i4KKioIu6jElaQqeNNFFsKTYVqRtBCroWl4J/gTsRRF0JbnXjSgpFu2kVhMi9c28yM51pm3aSiZnfDyZzzr1ncs53n+eeM0kAXWso+5FEbIuIXyNioJqtLzBUfbt25ezk31fOTiaxuPjGn0le7uqVs5Nl0fJzW4vMcBqRfpQUldSbO33m+ESlMn2qyI/On3hndO70maffOzFxbPrY9MnxQ4cOHhh77tnxZ9oSZxbX1T0fzO7d/cpbF1+dPHLx7R+/ztq7rVhfG0e7DGWB/7WYa1z3eLsr67DtNemkt4MNYUV6IiLbXX35+T8QPbG88wbi5Q872jhgVWX3pk2tVy8sAhtYEp1uAdAZ5Y0+e/4tX2vU9VgXLr9QfQDK4r5WvKpreiMtyvQ1PN+201BEHFn454vsFas0DgEAUOuTyc8Px1PN+n9p3Je//57/3FHMoQxGxN0RsTMi7omIXRFxb0Re9v6IeGCF9TdODV3f/0kv3XZwtyDr/z1fzG3V9//K3l8M9hS57Xn8fcnRmcr0/mKbDEffpiw/doM6vn3pl09bravt/2WvrP6yL1i041JvwwDd1MT8RN4pbYPL5yP29DaLP1maCUgiYndE7FnZr95RJmae+Gpvq0I3j/8G2jDPtPhlFt5CFv9CNMRfSmrnJ2eum58c3RyV6f2j5VFxvZ9+vvB6q/rvKP42uDxdfa/Z/41FBpPa+dq5lddx4bePWz7TLMe/pfXxn9R/ZmpiPu1P3sznmfuLZe9PzM+fGovoTw7n+brl48ufLfNl+ez4H97X/PzfWXwmq/7BiMgO4oci4uGIeKRo+6MR8VhE7LtB/D+82HpdGX+kHdr/5yOmml7/ljb6YJIdEkv7f+WJnuPff9Oq/lu7/h3MU8PFkvz6dxPNmpNdLhobeCfbDgAAAP4v0vw78Ek6spRO05GR6nf4d8VdaWV2bv7Jo7Pvnpyqfld+MPrScqRroBgPrcxUpseSheI3VsdHx4ux4nK89EAxbvxZz5Y8PzI5W5nqcOzQ7ba2OP8zf/R0unXAKtvSdOl4f7Olrgiw0TTOo6f12XOvRdOLAbAB+Htt6F43Of/TtWoHsPbc/6F7NTv/zzXkjfzBxuT+D93L+Q9dKv2u0y0AOsj9H7rSbfw5/1okNq+PZtT9p4CF1dli/1b/YUUsL1mvOyVPRJSJdF20R2LFiU23VLijlyUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC2+S8AAP//4zHlww==")

3.070470291s ago: executing program 7 (id=11330):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
socket$vsock_stream(0x28, 0x1, 0x0)

3.066888141s ago: executing program 1 (id=11342):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, &(0x7f0000000000)=ANY=[@ANYBLOB='context'])

2.777743641s ago: executing program 5 (id=11334):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x6)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x8010002})

2.777523561s ago: executing program 7 (id=11336):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)

2.773208961s ago: executing program 1 (id=11337):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x3, 0x9)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x1, 0x20000000, @dev={0xfe, 0x80, '\x00', 0x5}, 0x4}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x36, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0x0)

2.693903309s ago: executing program 2 (id=11338):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, 0x0, 0x0, 0x4)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0xc, 0x54404d0a08a4d8, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000000)={0x28, 0x11, 0x1, 0x0, 0x25dfdbff, "", [@nested={0x18, 0x0, 0x0, 0x0, [@typed={0x11, 0x0, 0x0, 0x0, @binary="56ccabd869c2033840919fdc5a"}]}]}, 0x28}], 0x1, 0x0, 0x0, 0xc010}, 0x40080)

1.209019819s ago: executing program 1 (id=11339):
r0 = getpid()
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r2, @ANYRES64=r1], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r2, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
futex(&(0x7f0000000040)=0x2, 0x9, 0x1, &(0x7f0000000080), 0x0, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r4, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)

1.180255192s ago: executing program 7 (id=11341):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x28181, 0x0)
readv(r4, 0x0, 0x0)

1.133352676s ago: executing program 2 (id=11343):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r3=>0x0})
r4 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)=@ipv4_newrule={0x54, 0x20, 0x1, 0x0, 0x0, {0x2, 0x0, 0x20, 0x0, 0x3}, [@FRA_GENERIC_POLICY=@FRA_OIFNAME={0x14, 0x11, 'veth0_macvtap\x00'}, @FRA_SRC={0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}, @FRA_GENERIC_POLICY=@FRA_DPORT_RANGE={0x8, 0x18, {0x4e20, 0x4e24}}, @FRA_GENERIC_POLICY=@FRA_IIFNAME={0x14, 0x3, 'wg0\x00'}]}, 0x54}}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x40, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IE={0x11, 0x2a, [@random={0xdd, 0xb, 'abcdefghijk'}]}, @NL80211_ATTR_SCAN_SSIDS={0x10, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}]}]}, 0x40}}, 0x0)
nanosleep(&(0x7f0000000080)={0x0, 0x4c4b40}, &(0x7f00000000c0))
syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f0000000100)=ANY=[@ANYBLOB="5000000008021100000108021100000008021100000000000000000091f75d64ac5259b4d1646e1105e0fb000000006400010000060202020202fadfec1c7a4dff7e46d2f20789c59d02010882848b960c12"], 0x36)

1.011379149s ago: executing program 7 (id=11344):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
getcwd(&(0x7f00000000c0)=""/184, 0xb8)

979.513632ms ago: executing program 6 (id=11345):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)

810.567649ms ago: executing program 7 (id=11346):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2000003, 0x4082172, 0xffffffffffffffff, 0x418a6000)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

809.966059ms ago: executing program 5 (id=11347):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0xc, 0x54404d0a08a4d8, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0)

705.340609ms ago: executing program 6 (id=11348):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40004)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
syz_clone3(&(0x7f0000000140)={0xa08ca000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

572.222252ms ago: executing program 5 (id=11349):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r4, 0x0, 0x0, 0x40008c1, &(0x7f00000000c0)={0x11, 0x86dd, 0x0, 0x1, 0x62}, 0x14)

526.168417ms ago: executing program 6 (id=11350):
rt_sigaction(0xd, 0x0, 0x0, 0x8, &(0x7f0000000300))
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000580), 0x7, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000140)={0x7, 0x1, 0x2})
r3 = shmget(0x1, 0x4000, 0x200, &(0x7f0000ffb000/0x4000)=nil)
shmctl$IPC_RMID(r3, 0x0)

365.281964ms ago: executing program 5 (id=11351):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f00000001c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
clock_settime(0x0, &(0x7f0000000000)={0x77359400})

296.56188ms ago: executing program 6 (id=11352):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd)
r4 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe)
r5 = add_key$user(&(0x7f0000000540), &(0x7f0000000380)={'syz', 0x2}, &(0x7f0000000580)="ed", 0x1, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r5, r3, r4}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={'blake2b-256\x00'}})

159.493974ms ago: executing program 5 (id=11353):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet_icmp(0x2, 0x2, 0x1)
sendmmsg$inet(r3, &(0x7f00000053c0)=[{{&(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)='\b\x00\x00\x00(\x00\x00\x00', 0x8}], 0x1}}], 0x1, 0x4800)
recvfrom(r3, 0x0, 0x0, 0x40000040, 0x0, 0x0)

0s ago: executing program 5 (id=11354):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'sit0\x00', <r4=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r3, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0x3fc}, 0x0, r4})

kernel console output (not intermixed with test programs):

from 0 to 16
[  540.438602][T18950] erofs: (device loop4): mounted with root inode @ nid 36.
[  541.058134][T18971] netlink: 308 bytes leftover after parsing attributes in process `syz.2.6402'.
[  541.739812][T18990] netlink: 'syz.2.6409': attribute type 16 has an invalid length.
[  541.771153][T18990] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.6409'.
[  543.358393][T19069] netlink: 'syz.4.6447': attribute type 4 has an invalid length.
[  543.416136][T19069] netlink: 'syz.4.6447': attribute type 5 has an invalid length.
[  543.440870][T19069] netlink: 'syz.4.6447': attribute type 1 has an invalid length.
[  544.068705][T19107] xt_CT: You must specify a L4 protocol and not use inversions on it
[  544.493919][T19129] sch_tbf: burst 4394 is lower than device lo mtu (11337746) !
[  544.971388][T19141] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6480'.
[  545.595969][T19160] loop5: detected capacity change from 0 to 512
[  545.706315][T19160] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: inode #11: comm syz.5.6489: ea_inode with extended attributes
[  545.726854][T19160] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.6489: error while reading EA inode 11 err=-117
[  545.742630][T19160] EXT4-fs (loop5): 1 orphan inode deleted
[  545.750723][T19160] EXT4-fs (loop5): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue. Quota mode: none.
[  546.812091][T17261] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  546.929963][T19238] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6522'.
[  547.232073][T17261] usb 5-1: config 0 has no interfaces?
[  547.413592][T17261] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  547.440170][T17261] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  547.466240][T17261] usb 5-1: Product: syz
[  547.470681][T17261] usb 5-1: Manufacturer: syz
[  547.481664][T17261] usb 5-1: SerialNumber: syz
[  547.504763][T17261] usb 5-1: config 0 descriptor??
[  547.782283][T17262] usb 5-1: USB disconnect, device number 8
[  548.018171][T19271] loop5: detected capacity change from 0 to 32768
[  548.146121][T19290] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  548.177149][T19290] 8021q: adding VLAN 0 to HW filter on device bond0
[  548.193382][T19290] 8021q: adding VLAN 0 to HW filter on device team0
[  548.215159][T19290] 8021q: adding VLAN 0 to HW filter on device batadv0
[  548.739023][T19303] loop4: detected capacity change from 0 to 512
[  549.120971][T19290] batman_adv: batadv0: Interface activated: batadv_slave_0
[  549.170297][T19290] batman_adv: batadv0: Interface activated: batadv_slave_1
[  549.255359][T19290] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  549.260388][T19271] XFS (loop5): Mounting V5 Filesystem
[  549.276552][T19290] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  549.278392][T19303] EXT4-fs (loop4): orphan cleanup on readonly fs
[  549.293286][T19290] net veth1_virt_wifi virt_wifi0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  549.308027][T19290] device veth1_vlan left promiscuous mode
[  549.315541][T19290] device veth0_vlan left promiscuous mode
[  549.325205][T19290] device veth0_vlan entered promiscuous mode
[  549.335910][T19290] device veth1_vlan entered promiscuous mode
[  549.341330][T19303] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  549.349041][T19290] device veth0_macvtap left promiscuous mode
[  549.360520][T19290] device veth0_macvtap entered promiscuous mode
[  549.369625][T19290] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  549.378757][T19290] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  549.387940][T19290] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  549.396837][T19290] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  549.412741][T19303] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  549.415007][T19290] A link change request failed with some changes committed already. Interface pimreg may have been left with an inconsistent configuration, please check.
[  549.457451][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  549.473320][T19303] EXT4-fs error (device loop4): ext4_acquire_dquot:6209: comm syz.4.6552: Failed to acquire dquot type 1
[  549.485248][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  549.512357][T19271] XFS (loop5): Ending clean mount
[  549.521000][T19303] EXT4-fs (loop4): 1 truncate cleaned up
[  549.526248][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  549.545929][T19303] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,resuid=0x0000000000000000,nodelalloc,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[  549.608381][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  549.609276][T19271] XFS (loop5): Quotacheck needed: Please wait.
[  549.616943][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  549.642187][ T4323] bridge0: port 1(bridge_slave_0) entered blocking state
[  549.649331][ T4323] bridge0: port 1(bridge_slave_0) entered forwarding state
[  549.657981][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  549.683487][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  549.697534][T19321] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6558'.
[  549.716333][ T4323] bridge0: port 2(bridge_slave_1) entered blocking state
[  549.723512][ T4323] bridge0: port 2(bridge_slave_1) entered forwarding state
[  549.758540][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  549.779806][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  549.798040][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  549.811429][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  549.822058][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  549.834090][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  549.843537][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  549.853029][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  549.863038][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  549.880569][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  549.905221][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  549.939126][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  549.949234][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  549.958872][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  549.968329][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  549.978166][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  550.046788][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  550.048744][T19271] XFS (loop5): Quotacheck: Done.
[  550.096913][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  550.127182][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  550.157140][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  550.187925][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  550.237326][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  550.276011][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  550.305584][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  550.329740][T19326] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6559'.
[  550.352502][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  550.366938][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  550.405582][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  550.430220][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  550.478605][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  550.516683][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  550.677085][T13959] XFS (loop5): Unmounting Filesystem
[  551.064109][T19362] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6577'.
[  551.417047][T19372] binder: 19371:19372 ioctl 400c620e 0 returned -14
[  552.905647][T19397] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  552.979147][T19399] loop4: detected capacity change from 0 to 512
[  553.010757][T19403] raw_sendmsg: syz.5.6594 forgot to set AF_INET. Fix it!
[  553.043906][T19399] EXT4-fs (loop4): Ignoring removed orlov option
[  553.050396][T19399] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  553.141847][T19399] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  553.224959][T19399] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2229: inode #15: comm syz.4.6592: corrupted in-inode xattr
[  553.305949][T19399] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.6592: couldn't read orphan inode 15 (err -117)
[  553.386317][T19399] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,orlov,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[  553.612720][   T26] audit: type=1326 audit(2000000190.743:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19426 comm="syz.1.6605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  553.708657][   T26] audit: type=1326 audit(2000000190.783:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19426 comm="syz.1.6605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  553.805067][T19433] tmpfs: Unknown parameter 'noswap'
[  553.808440][   T26] audit: type=1326 audit(2000000190.803:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19426 comm="syz.1.6605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  553.900093][   T26] audit: type=1326 audit(2000000190.803:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19426 comm="syz.1.6605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  554.008141][   T26] audit: type=1326 audit(2000000190.803:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19426 comm="syz.1.6605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  554.098650][   T26] audit: type=1326 audit(2000000190.803:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19426 comm="syz.1.6605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  554.130035][T19445] loop4: detected capacity change from 0 to 2048
[  554.143010][   T26] audit: type=1326 audit(2000000190.803:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19426 comm="syz.1.6605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  554.195597][T19452] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6617'.
[  554.230604][T19452] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6617'.
[  554.314624][T19445] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  554.717569][   T26] audit: type=1326 audit(554.647:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19474 comm="syz.1.6628" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x0
[  555.094839][T19492] loop0: detected capacity change from 0 to 512
[  556.256726][T19506] overlayfs: overlapping lowerdir path
[  556.726850][T19534] netlink: 'syz.5.6653': attribute type 27 has an invalid length.
[  557.312920][T19571] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6671'.
[  557.629938][   T26] audit: type=1326 audit(557.557:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19592 comm="syz.2.6683" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2680f1c6c9 code=0x0
[  558.111440][T19617] overlayfs: overlapping lowerdir path
[  558.384811][T19627] dns_resolver: Unsupported content type (240)
[  558.938119][T19635] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6703'.
[  559.438405][T19635] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6703'.
[  559.484499][T19635] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6703'.
[  559.529780][T19635] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6703'.
[  559.873761][T19663] dns_resolver: Unsupported content type (240)
[  560.096372][T19681] netlink: 'syz.0.6723': attribute type 6 has an invalid length.
[  560.120326][T19676] netlink: 132 bytes leftover after parsing attributes in process `syz.1.6720'.
[  560.433275][T19692] xt_CT: No such helper "pptp"
[  560.638249][T19705] tmpfs: Bad value for 'mpol'
[  560.828546][T19712] fuse: Bad value for 'fd'
[  561.884370][T19766] lo: Caught tx_queue_len zero misconfig
[  562.032222][T19769] netlink: 'syz.4.6761': attribute type 10 has an invalid length.
[  562.040219][T19769] netlink: 40 bytes leftover after parsing attributes in process `syz.4.6761'.
[  562.053150][T19769] net veth1_virt_wifi virt_wifi0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  562.075261][T19769] batman_adv: batadv0: Adding interface: virt_wifi0
[  562.082291][T19769] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  562.108756][T19769] batman_adv: batadv0: Interface activated: virt_wifi0
[  562.893116][T19783] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6767'.
[  563.127301][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  563.139984][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  563.861887][ T8972] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  564.227741][ T8972] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xB3, skipping
[  564.238666][ T8972] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  564.258676][ T8972] usb 5-1: New USB device found, idVendor=172f, idProduct=0037, bcdDevice= 0.00
[  564.268479][ T8972] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.285109][ T8972] usb 5-1: config 0 descriptor??
[  564.325718][ T8972] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  564.543515][ T8972] usb 5-1: USB disconnect, device number 9
[  565.019901][T19908] netlink: 24 bytes leftover after parsing attributes in process `syz.0.6830'.
[  565.684747][T19941] futex_wake_op: syz.1.6845 tries to shift op by 32; fix this program
[  568.249796][T19992] hugetlbfs: syz.1.6867 (19992): Using mlock ulimits for SHM_HUGETLB is deprecated
[  568.496834][T20006] netlink: 628 bytes leftover after parsing attributes in process `syz.1.6874'.
[  568.623968][T20015] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6879'.
[  569.146523][T20042] loop5: detected capacity change from 0 to 512
[  569.166601][T20046] 9pnet: Insufficient options for proto=fd
[  569.327544][T20042] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.6892: bad orphan inode 11862016
[  569.352029][T20055] netlink: 100 bytes leftover after parsing attributes in process `syz.0.6898'.
[  569.399643][T20042] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  569.611051][T20072] loop0: detected capacity change from 0 to 16
[  569.661992][T20072] erofs: (device loop0): mounted with root inode @ nid 36.
[  570.107833][T20090] tmpfs: Unknown parameter 'noswap'
[  570.471287][T20102] batadv_slave_0: Caught tx_queue_len zero misconfig
[  570.513315][T20104] input: syz1 as /devices/virtual/input/input11
[  571.047211][T20126] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6929'.
[  571.186661][T20134] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6932'.
[  571.398308][T20140] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6935'.
[  571.952955][T20157] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6944'.
[  573.292860][T20181] loop0: detected capacity change from 0 to 512
[  574.426446][T20193] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6959'.
[  574.435516][T20181] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a806e02c, mo2=0002]
[  574.468134][T20181] System zones: 1-12
[  574.516905][T20181] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.6952: Directory hole found for htree index block 0
[  574.605378][T20181] EXT4-fs (loop0): Remounting filesystem read-only
[  574.616982][T20181] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117
[  574.655856][T20181] EXT4-fs error (device loop0): dx_probe:823: inode #2: comm syz.0.6952: Directory hole found for htree index block 0
[  574.722714][T20181] EXT4-fs (loop0): Remounting filesystem read-only
[  574.729654][T20181] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  574.782666][T20181] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpjquota=Jdebug,jqfmt=vfsold,noquota,bsdgroups,usrjquota="nojournal_checksum,errors=remount-ro,,. Quota mode: writeback.
[  574.881543][T20177] EXT4-fs (loop0): Unrecognized mount option "©õr$þù”üÜÒHÐò3bÏ\ƒ$—iSµP4â¾ßÆà¢|7ÇÎ'
 ¸	ª$¿…Ëð}Ÿý4Ù_;òT[?’W‘ª
[  574.881543][T20177] :ÁnÌo�n~³º†b!Ór™¤ƒ
ÜxëódÌhuÜÇ‹ÍTes2rüÞ8Έ•§îñ!Q2#±c@ö³ÙzO¶�&øré\vUAû‘Ø;#àì—}ª¶lÞ2cJ¨cÉDdšV�#·º’Êêks§©=a‘•ßûÔÖ?=�" or missing value
[  575.740990][T20252] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6986'.
[  578.178907][T20315] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  579.958331][T20354] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7034'.
[  580.970246][T20400] 9pnet: p9_errstr2errno: server reported unknown error aaaaaaaaa
[  581.960846][T20434] overlayfs: failed to clone lowerpath
[  582.432858][T20455] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7082'.
[  582.775071][T20475] netlink: 104 bytes leftover after parsing attributes in process `syz.5.7092'.
[  583.165487][T20490] netlink: 32 bytes leftover after parsing attributes in process `syz.1.7099'.
[  583.214850][   T26] audit: type=1326 audit(583.147:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20486 comm="syz.0.7100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaf464f6c9 code=0x7fc00000
[  584.707585][T20527] netlink: 20 bytes leftover after parsing attributes in process `syz.5.7116'.
[  585.225788][   T26] audit: type=1326 audit(585.157:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.4.7125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  585.320789][   T26] audit: type=1326 audit(585.197:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.4.7125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  585.449240][   T26] audit: type=1326 audit(585.197:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.4.7125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  585.555177][   T26] audit: type=1326 audit(585.197:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.4.7125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  585.661542][T20562] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7134'.
[  585.667673][   T26] audit: type=1326 audit(585.197:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.4.7125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  585.708875][T20562] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7134'.
[  585.767557][   T26] audit: type=1326 audit(585.207:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.4.7125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  585.884705][   T26] audit: type=1326 audit(585.207:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.4.7125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  585.957756][   T26] audit: type=1326 audit(585.207:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.4.7125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  586.021057][   T26] audit: type=1326 audit(585.207:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20544 comm="syz.4.7125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  586.467671][T20589] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  589.017487][T20668] netlink: 68 bytes leftover after parsing attributes in process `syz.4.7181'.
[  589.374759][T20691] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  589.953341][T20721] loop4: detected capacity change from 0 to 128
[  590.392890][T20721] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  590.599940][T20760] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7225'.
[  590.630226][T20760] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7225'.
[  590.649492][T20760] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7225'.
[  590.680893][T20760] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7225'.
[  591.817775][   T26] kauditd_printk_skb: 7 callbacks suppressed
[  591.817791][   T26] audit: type=1326 audit(591.747:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.5.7257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  591.982550][   T26] audit: type=1326 audit(591.797:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.5.7257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  592.095255][   T26] audit: type=1326 audit(591.797:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.5.7257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  592.176210][   T26] audit: type=1326 audit(591.797:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.5.7257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  592.268390][   T26] audit: type=1326 audit(591.797:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20822 comm="syz.5.7257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  592.485072][T20859] netlink: 120 bytes leftover after parsing attributes in process `syz.4.7272'.
[  592.531962][T20859] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7272'.
[  592.568324][T20861] overlayfs: missing 'lowerdir'
[  592.574163][T20859] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7272'.
[  592.597781][T20859] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7272'.
[  593.111402][T20885] xt_CHECKSUM: unsupported CHECKSUM operation 68
[  598.335677][T21073] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7369'.
[  598.384736][T21076] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7370'.
[  599.711600][T21158] netlink: 84 bytes leftover after parsing attributes in process `syz.0.7410'.
[  599.761436][T21160] netlink: 'syz.4.7412': attribute type 4 has an invalid length.
[  600.064667][T21178] overlayfs: failed to clone upperpath
[  601.449761][T21215] overlayfs: invalid origin (0000)
[  602.201165][T21272] netlink: 68 bytes leftover after parsing attributes in process `syz.1.7463'.
[  602.372988][T21279] can: request_module (can-proto-0) failed.
[  602.423358][T21286] netlink: 132 bytes leftover after parsing attributes in process `syz.1.7468'.
[  602.515202][T21291] IPv6: NLM_F_CREATE should be specified when creating new route
[  604.794085][T21349] loop0: detected capacity change from 0 to 8192
[  605.137877][T21380] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000616)
[  605.203472][T21380] FAT-fs (loop0): Filesystem has been set read-only
[  605.570554][T21403] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7523'.
[  606.695933][T21421] netlink: 68 bytes leftover after parsing attributes in process `syz.4.7530'.
[  606.924358][T21437] netlink: 24 bytes leftover after parsing attributes in process `syz.2.7537'.
[  606.961410][T21440] unsupported nla_type 35
[  607.021956][T17262] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  607.074467][T21449] netlink: 'syz.5.7544': attribute type 17 has an invalid length.
[  607.238490][T21447] ipt_CLUSTERIP: Please specify destination IP
[  607.292084][T17262] usb 1-1: Using ep0 maxpacket: 8
[  607.432224][T17262] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  607.463516][T17262] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  607.507950][T17262] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  607.742018][T17262] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  607.768275][T17262] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  607.790959][T17262] usb 1-1: Product: syz
[  607.819501][T17262] usb 1-1: Manufacturer: syz
[  607.892103][T17262] usb 1-1: SerialNumber: syz
[  608.035561][T17262] usb 1-1: config 0 descriptor??
[  608.186238][T17262] radio-si470x 1-1:0.0: could not find interrupt in endpoint
[  608.283987][T17262] radio-si470x: probe of 1-1:0.0 failed with error -5
[  608.393747][T17262] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  611.209544][ T8972] usb 1-1: USB disconnect, device number 6
[  611.702841][   T26] audit: type=1326 audit(611.637:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21557 comm="syz.0.7590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaf464f6c9 code=0x7ffc0000
[  611.760488][   T26] audit: type=1326 audit(611.637:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21557 comm="syz.0.7590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7faaf464f6c9 code=0x7ffc0000
[  611.830569][   T26] audit: type=1326 audit(611.637:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21557 comm="syz.0.7590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaf464f6c9 code=0x7ffc0000
[  611.903080][   T26] audit: type=1326 audit(611.637:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21557 comm="syz.0.7590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaf464f6c9 code=0x7ffc0000
[  611.928990][   T26] audit: type=1326 audit(611.637:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21557 comm="syz.0.7590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7faaf464f6c9 code=0x7ffc0000
[  611.951570][   T26] audit: type=1326 audit(611.637:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21557 comm="syz.0.7590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaf464f6c9 code=0x7ffc0000
[  612.077958][   T26] audit: type=1326 audit(611.637:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21557 comm="syz.0.7590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaf464f6c9 code=0x7ffc0000
[  612.161922][   T26] audit: type=1326 audit(611.657:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21557 comm="syz.0.7590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faaf464f6c9 code=0x7ffc0000
[  612.246378][   T26] audit: type=1326 audit(611.657:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21557 comm="syz.0.7590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaf464f6c9 code=0x7ffc0000
[  612.337133][   T26] audit: type=1326 audit(611.657:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21557 comm="syz.0.7590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaf464f6c9 code=0x7ffc0000
[  613.315789][T21630] overlayfs: unrecognized mount option "verity=require" or missing value
[  615.020671][T21682] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7650'.
[  615.440482][T21712] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  615.588186][T21722] netlink: 160 bytes leftover after parsing attributes in process `syz.4.7667'.
[  615.636904][T21722] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  615.778938][T21735] loop5: detected capacity change from 0 to 64
[  616.043131][T21735] hfs: invalid btree extent records
[  616.049232][T21735] hfs: unable to open extent tree
[  616.061959][T21735] hfs: can't find a HFS filesystem on dev loop5
[  617.336478][T21759] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  617.370226][T21759] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  617.430862][T21759] device erspan0 entered promiscuous mode
[  617.820644][T21783] netlink: 44 bytes leftover after parsing attributes in process `syz.5.7695'.
[  617.843103][T21783] netlink: 43 bytes leftover after parsing attributes in process `syz.5.7695'.
[  617.852949][T21783] netlink: 'syz.5.7695': attribute type 5 has an invalid length.
[  617.877450][T21783] netlink: 43 bytes leftover after parsing attributes in process `syz.5.7695'.
[  618.154318][T21797] loop4: detected capacity change from 0 to 1024
[  618.226108][T21797] EXT4-fs (loop4): Ignoring removed bh option
[  618.232844][T21797] EXT4-fs (loop4): inline encryption not supported
[  618.391534][T21797] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #3: comm syz.4.7699: pblk 67 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  618.413892][T21797] EXT4-fs error (device loop4): ext4_quota_enable:6420: comm syz.4.7699: Bad quota inode: 3, type: 0
[  618.431541][T21797] EXT4-fs warning (device loop4): ext4_enable_quotas:6461: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  618.487659][T21797] EXT4-fs (loop4): mount failed
[  621.220804][T21832] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7716'.
[  621.995104][T21886] device syzkaller0 entered promiscuous mode
[  622.030200][T21886] syzkaller0: Caught tx_queue_len zero misconfig
[  622.050664][T21891] 9pnet: Could not find request transport: 0xffffffffffffffff
[  622.151403][T21893] netlink: 44 bytes leftover after parsing attributes in process `syz.1.7746'.
[  622.605999][T21920] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7757'.
[  623.391950][T21971] netlink: 44 bytes leftover after parsing attributes in process `syz.5.7780'.
[  624.648674][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  624.655058][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  624.900158][T22009] loop5: detected capacity change from 0 to 512
[  624.911994][T22012] netlink: 44 bytes leftover after parsing attributes in process `syz.4.7796'.
[  624.946057][T22009] EXT4-fs (loop5): orphan cleanup on readonly fs
[  624.969100][T22009] __quota_error: 29 callbacks suppressed
[  624.969119][T22009] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  624.985786][T22009] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  624.996433][T22009] EXT4-fs error (device loop5): ext4_acquire_dquot:6209: comm syz.5.7795: Failed to acquire dquot type 1
[  625.014461][T22009] EXT4-fs (loop5): 1 truncate cleaned up
[  625.020550][T22009] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpid,resuid=0x0000000000000000,nodelalloc,dioread_nolock,quota,,errors=continue. Quota mode: writeback.
[  625.132714][T22021] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7799'.
[  625.382189][T22032] netlink: 92 bytes leftover after parsing attributes in process `syz.2.7804'.
[  625.388961][T22035] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  625.783230][T22051] netlink: 100 bytes leftover after parsing attributes in process `syz.4.7814'.
[  627.219718][   T26] audit: type=1326 audit(627.147:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22080 comm="syz.2.7828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2680f1c6c9 code=0x7ffc0000
[  627.281643][   T26] audit: type=1326 audit(627.207:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22080 comm="syz.2.7828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f2680f1c6c9 code=0x7ffc0000
[  627.313793][   T26] audit: type=1326 audit(627.207:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22080 comm="syz.2.7828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2680f1c6c9 code=0x7ffc0000
[  627.359044][   T26] audit: type=1326 audit(627.207:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22080 comm="syz.2.7828" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2680f1c6c9 code=0x7ffc0000
[  627.509928][T22102] netlink: 56 bytes leftover after parsing attributes in process `syz.4.7837'.
[  629.800690][T22124] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7844'.
[  632.409238][   T26] audit: type=1326 audit(632.337:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22232 comm="syz.1.7896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  632.501300][   T26] audit: type=1326 audit(632.357:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22232 comm="syz.1.7896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  632.599362][   T26] audit: type=1326 audit(632.367:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22234 comm="syz.4.7897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  632.703683][   T26] audit: type=1326 audit(632.367:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22234 comm="syz.4.7897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  632.819949][   T26] audit: type=1326 audit(632.367:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22234 comm="syz.4.7897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  632.908988][   T26] audit: type=1326 audit(632.367:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22234 comm="syz.4.7897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  632.961674][   T26] audit: type=1326 audit(632.367:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22234 comm="syz.4.7897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8fee1d6c9 code=0x7ffc0000
[  633.072112][   T26] audit: type=1326 audit(632.387:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22232 comm="syz.1.7896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  633.116230][T22272] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7914'.
[  633.162025][   T26] audit: type=1326 audit(632.387:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22232 comm="syz.1.7896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  633.268078][   T26] audit: type=1326 audit(632.387:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22232 comm="syz.1.7896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  633.369710][T22280] netlink: 'syz.0.7916': attribute type 11 has an invalid length.
[  633.623135][T22280] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7916'.
[  634.653216][T22295] netlink: 108 bytes leftover after parsing attributes in process `syz.4.7933'.
[  634.681851][T22295] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7933'.
[  635.393048][T22321] overlayfs: missing 'lowerdir'
[  635.975247][T22343] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7946'.
[  636.025784][T22343] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7946'.
[  636.161485][T22347] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7949'.
[  636.185554][T22347] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  636.198694][T22347] batman_adv: batadv0: Removing interface: batadv_slave_0
[  636.213580][T22347] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  636.226490][T22347] batman_adv: batadv0: Removing interface: batadv_slave_1
[  636.411103][T22355] netlink: 16 bytes leftover after parsing attributes in process `syz.1.7947'.
[  636.427230][T22355] device ip_vti0 entered promiscuous mode
[  636.821378][T22374] loop5: detected capacity change from 0 to 1024
[  636.892018][T22374] EXT4-fs (loop5): INFO: recovery required on readonly filesystem
[  636.899891][T22374] EXT4-fs (loop5): write access will be enabled during recovery
[  636.933249][T22374] JBD2: no valid journal superblock found
[  636.949448][T22374] EXT4-fs (loop5): error loading journal
[  637.400589][T22403] fuse: Bad value for 'group_id'
[  637.407694][T22401] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7975'.
[  637.423945][T22401] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7975'.
[  637.574705][T22412] fuse: Bad value for 'fd'
[  638.237497][T22453] netlink: 388 bytes leftover after parsing attributes in process `syz.4.7998'.
[  638.426098][T22460] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8002'.
[  639.903107][T22504] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8022'.
[  639.967584][T22504] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  640.001614][T22504] batman_adv: batadv0: Removing interface: batadv_slave_0
[  640.062419][T22504] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  640.091611][T22504] batman_adv: batadv0: Removing interface: batadv_slave_1
[  641.502723][T22538] netlink: 'syz.5.8038': attribute type 21 has an invalid length.
[  641.510657][T22538] netlink: 132 bytes leftover after parsing attributes in process `syz.5.8038'.
[  641.575557][T22538] netlink: 'syz.5.8038': attribute type 1 has an invalid length.
[  641.593732][T22538] netlink: 12 bytes leftover after parsing attributes in process `syz.5.8038'.
[  641.635133][T22546] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  642.116716][T22569] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=on.
[  642.132750][T22569] overlayfs: overlapping lowerdir path
[  642.289144][T22576] binder: 22575:22576 ioctl c018620b 0 returned -14
[  642.396436][T22580] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8056'.
[  642.451530][T22580] batman_adv: batadv0: Removing interface: batadv_slave_0
[  642.493411][T22580] batman_adv: batadv0: Removing interface: batadv_slave_1
[  642.531939][T22580] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  642.539060][T22580] batman_adv: batadv0: Removing interface: virt_wifi0
[  643.971703][T22653] device batadv_slave_1 entered promiscuous mode
[  644.067046][T22652] device batadv_slave_1 left promiscuous mode
[  645.223500][   T26] kauditd_printk_skb: 15 callbacks suppressed
[  645.223518][   T26] audit: type=1326 audit(645.158:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22694 comm="syz.5.8109" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3e490416c9 code=0x0
[  645.586722][T22711] 9pnet: Could not find request transport: 0xffffffffffffffff
[  645.726969][T22714] netlink: 'syz.0.8117': attribute type 6 has an invalid length.
[  645.747953][T22718] netlink: 132 bytes leftover after parsing attributes in process `syz.4.8120'.
[  646.407303][T22764] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8137'.
[  647.384651][T22825] x_tables: duplicate underflow at hook 1
[  647.461608][T22831] device pim6reg1 entered promiscuous mode
[  647.694804][T22848] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8181'.
[  647.779922][T22853] 9pnet: Insufficient options for proto=fd
[  648.669276][T22916] netlink: 'syz.4.8214': attribute type 4 has an invalid length.
[  648.710758][T22916] netlink: 17 bytes leftover after parsing attributes in process `syz.4.8214'.
[  648.726633][T22920] lo: Caught tx_queue_len zero misconfig
[  649.497542][T22979] netlink: 20 bytes leftover after parsing attributes in process `syz.4.8246'.
[  650.158718][T17025] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  650.250031][T17025] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  650.316935][T17025] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  650.441351][T17025] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  650.655436][T23046] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8280'.
[  650.904645][T17025] tipc: Disabling bearer <udp:syz0>
[  650.917529][T17025] tipc: Left network mode
[  651.248808][T23050] chnl_net:caif_netlink_parms(): no params data found
[  651.534788][T23091] netlink: 64 bytes leftover after parsing attributes in process `syz.1.8295'.
[  651.719591][T23050] bridge0: port 1(bridge_slave_0) entered blocking state
[  651.749818][T23050] bridge0: port 1(bridge_slave_0) entered disabled state
[  651.782316][T23050] device bridge_slave_0 entered promiscuous mode
[  651.860901][T23102] netlink: 32 bytes leftover after parsing attributes in process `syz.1.8300'.
[  651.880368][T23050] bridge0: port 2(bridge_slave_1) entered blocking state
[  651.895781][T23050] bridge0: port 2(bridge_slave_1) entered disabled state
[  651.917027][T23050] device bridge_slave_1 entered promiscuous mode
[  652.004260][T23118] overlayfs: failed to clone lowerpath
[  652.064531][T23050] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  652.121895][T23050] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  652.265881][T23050] team0: Port device team_slave_0 added
[  652.355345][T23050] team0: Port device team_slave_1 added
[  652.433816][T23050] batman_adv: batadv0: Adding interface: batadv_slave_0
[  652.479168][   T26] audit: type=1326 audit(652.408:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23141 comm="syz.1.8316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  652.506363][T23050] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  652.555571][   T26] audit: type=1326 audit(652.448:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23141 comm="syz.1.8316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  652.561211][T23050] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  652.668886][   T26] audit: type=1326 audit(652.448:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23141 comm="syz.1.8316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f27994c7703 code=0x7ffc0000
[  652.711860][T17025] device hsr_slave_0 left promiscuous mode
[  652.721656][T17025] device hsr_slave_1 left promiscuous mode
[  652.754664][T17025] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  652.774513][   T26] audit: type=1326 audit(652.458:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23141 comm="syz.1.8316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f27994c617f code=0x7ffc0000
[  652.783112][T17025] batman_adv: batadv0: Removing interface: batadv_slave_0
[  652.801345][T17261] Bluetooth: hci1: command 0x0409 tx timeout
[  652.814397][T23158] loop5: detected capacity change from 0 to 512
[  652.842209][T17025] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  652.852677][   T26] audit: type=1326 audit(652.468:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23141 comm="syz.1.8316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f27994c7757 code=0x7ffc0000
[  652.900496][T17025] batman_adv: batadv0: Removing interface: batadv_slave_1
[  652.917932][   T26] audit: type=1326 audit(652.468:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23141 comm="syz.1.8316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f27994c5f10 code=0x7ffc0000
[  652.941638][T17025] device bond_slave_0 left promiscuous mode
[  652.948230][T17025] device bond_slave_1 left promiscuous mode
[  652.959142][T23158] EXT4-fs (loop5): Ignoring removed oldalloc option
[  652.980056][   T26] audit: type=1326 audit(652.468:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23141 comm="syz.1.8316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f27994c632a code=0x7ffc0000
[  653.002516][   T26] audit: type=1326 audit(652.488:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23141 comm="syz.1.8316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  653.025052][   T26] audit: type=1326 audit(652.528:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23141 comm="syz.1.8316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=179 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  653.027125][T23158] EXT4-fs error (device loop5): ext4_xattr_inode_iget:400: comm syz.5.8331: Parent and EA inode have the same ino 15
[  653.048494][   T26] audit: type=1326 audit(652.528:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23141 comm="syz.1.8316" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  653.084478][T17025] device veth1_macvtap left promiscuous mode
[  653.118333][T17025] device veth0_macvtap left promiscuous mode
[  653.171317][T23158] EXT4-fs (loop5): Remounting filesystem read-only
[  653.179286][T23158] EXT4-fs error (device loop5): ext4_xattr_inode_iget:400: comm syz.5.8331: Parent and EA inode have the same ino 15
[  653.209919][T23158] EXT4-fs (loop5): Remounting filesystem read-only
[  653.219798][T23158] EXT4-fs (loop5): 1 orphan inode deleted
[  653.227874][T23158] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,bsdgroups,debug_want_extra_isize=0x000000000000005e,noauto_da_alloc,bsdgroups,oldalloc,stripe=0x0000000000000002,. Quota mode: none.
[  653.459988][T17025] team0 (unregistering): Port device bridge0 removed
[  653.523207][T17025] bond1 (unregistering): (slave macvlan2): Removing an active aggregator
[  653.533063][T17025] bond1 (unregistering): (slave macvlan2): Releasing backup interface
[  653.549437][T17025] bond1 (unregistering): Released all slaves
[  653.616496][T17025] team0 (unregistering): Port device team_slave_1 removed
[  653.633213][T17025] team0 (unregistering): Port device team_slave_0 removed
[  653.647114][T17025] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  653.663660][T17025] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  653.732852][T17025] bond0 (unregistering): Released all slaves
[  653.748183][T23050] batman_adv: batadv0: Adding interface: batadv_slave_1
[  653.755487][T23050] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  653.782438][T23050] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  653.988607][T23050] device hsr_slave_0 entered promiscuous mode
[  654.010075][T23050] device hsr_slave_1 entered promiscuous mode
[  654.475629][T23217] device batadv_slave_1 entered promiscuous mode
[  654.498292][T23216] device batadv_slave_1 left promiscuous mode
[  654.587135][T23050] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  654.605024][T23050] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  654.644877][T23050] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  654.730779][T23050] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  654.890888][T17262] Bluetooth: hci1: command 0x041b tx timeout
[  656.262324][T23050] 8021q: adding VLAN 0 to HW filter on device bond0
[  656.312388][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  656.323870][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  656.350800][T23050] 8021q: adding VLAN 0 to HW filter on device team0
[  656.426715][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  656.459208][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  656.498973][ T4323] bridge0: port 1(bridge_slave_0) entered blocking state
[  656.506118][ T4323] bridge0: port 1(bridge_slave_0) entered forwarding state
[  656.526902][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  656.566312][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  656.597621][ T4323] bridge0: port 2(bridge_slave_1) entered blocking state
[  656.604781][ T4323] bridge0: port 2(bridge_slave_1) entered forwarding state
[  656.641429][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  656.666597][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  656.721181][T16995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  656.739768][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  656.756517][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  656.791592][ T4323] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  656.831206][T16995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  656.851525][T16995] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  656.864637][T16995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  656.881396][T16995] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  656.906550][T16995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  656.921859][T23276] 9pnet: Could not find request transport: 0xffffffffffffffff
[  656.944905][T16995] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  656.970861][T17262] Bluetooth: hci1: command 0x040f tx timeout
[  656.988998][T23050] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  657.389541][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  657.403289][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  657.435351][T23050] 8021q: adding VLAN 0 to HW filter on device batadv0
[  657.839624][T23315] ptrace attach of "./syz-executor exec"[13959] was attempted by "./syz-executor exec"[23315]
[  659.040545][ T4238] Bluetooth: hci1: command 0x0419 tx timeout
[  659.057177][T23352] netlink: 'syz.4.8383': attribute type 10 has an invalid length.
[  659.092932][T23352] netlink: 40 bytes leftover after parsing attributes in process `syz.4.8383'.
[  659.124530][T23352] device dummy0 entered promiscuous mode
[  659.197431][T17026] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  659.212903][T17026] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  659.310720][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  659.332529][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  659.373344][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  659.390607][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  659.410110][T23050] device veth0_vlan entered promiscuous mode
[  659.414432][T23357] loop5: detected capacity change from 0 to 8192
[  659.443426][T23050] device veth1_vlan entered promiscuous mode
[  659.521576][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  659.541111][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  659.566093][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  659.595894][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  659.636236][T23050] device veth0_macvtap entered promiscuous mode
[  659.667374][T23050] device veth1_macvtap entered promiscuous mode
[  659.776041][T23050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  659.816595][T23050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  659.859462][T23050] batman_adv: batadv0: Interface activated: batadv_slave_0
[  659.893543][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  659.911646][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  659.948602][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  659.978541][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  660.013393][T23050] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  660.038809][T23050] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  660.081654][T23050] batman_adv: batadv0: Interface activated: batadv_slave_1
[  660.112154][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  660.124859][T16955] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  660.173943][T23050] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  660.196617][T23050] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  660.230361][T23050] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  660.263767][T23050] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  660.316351][T23402] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8401'.
[  660.478447][T23409] loop4: detected capacity change from 0 to 512
[  660.488220][T16995] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  660.513754][T16995] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  660.543308][T17026] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  660.564321][T16937] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  660.591284][T16937] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  660.641587][T17026] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  660.672471][T23409] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  660.716061][T23409] EXT4-fs (loop4): inline encryption not supported
[  660.755334][T23409] EXT4-fs (loop4): Test dummy encryption mode enabled
[  660.821709][T23409] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  660.828891][T23409] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  660.882230][T23409] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  660.900899][T23409] System zones: 1-12
[  660.929661][T23409] EXT4-fs (loop4): 1 truncate cleaned up
[  660.975126][T23409] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,,errors=continue. Quota mode: none.
[  661.067051][T23442] netlink: 8 bytes leftover after parsing attributes in process `syz.2.8415'.
[  661.381806][T23453] netlink: 'syz.2.8420': attribute type 5 has an invalid length.
[  661.664721][T23468] vcan0: MTU too low for tipc bearer
[  661.713598][T23468] tipc: Enabling of bearer <ib:vcan0> rejected, failed to enable media
[  662.740039][T23538] tipc: Started in network mode
[  662.774186][T23538] tipc: Node identity 6604dec95f38, cluster identity 4711
[  662.828978][T23538] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  662.872367][T23536] tipc: Disabling bearer <eth:syzkaller0>
[  663.080457][T23559] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  664.905212][T17261] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  665.300355][T17261] usb 5-1: config 0 has an invalid descriptor of length 134, skipping remainder of the config
[  665.324839][T17261] usb 5-1: too many endpoints for config 0 interface 0 altsetting 209: 129, using maximum allowed: 30
[  665.356954][T17261] usb 5-1: config 0 interface 0 altsetting 209 has 0 endpoint descriptors, different from the interface descriptor's value: 129
[  665.420142][T17261] usb 5-1: config 0 interface 0 has no altsetting 0
[  665.437661][T17261] usb 5-1: New USB device found, idVendor=1b96, idProduct=0009, bcdDevice= 0.00
[  665.470121][T17261] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  665.533108][T17261] usb 5-1: config 0 descriptor??
[  665.699028][T23680] loop5: detected capacity change from 0 to 4096
[  665.771442][T23680] ntfs3: Unknown parameter 'windows_names'
[  665.820229][T17261] usb 5-1: string descriptor 0 read error: -71
[  665.854529][T17261] usb 5-1: USB disconnect, device number 10
[  668.862657][T23769] blk_update_request: I/O error, dev loop6, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0
[  668.913051][T23769] EXT4-fs (loop6): unable to read superblock
[  670.177146][   T26] kauditd_printk_skb: 1 callbacks suppressed
[  670.177162][   T26] audit: type=1326 audit(670.109:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23788 comm="syz.5.8546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  670.313264][   T26] audit: type=1326 audit(670.159:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23788 comm="syz.5.8546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  670.315910][T23802] netlink: 32 bytes leftover after parsing attributes in process `syz.2.8552'.
[  670.408657][   T26] audit: type=1326 audit(670.159:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23788 comm="syz.5.8546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  670.452960][   T26] audit: type=1326 audit(670.159:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23788 comm="syz.5.8546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  670.582116][   T26] audit: type=1326 audit(670.159:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23788 comm="syz.5.8546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  670.622447][   T26] audit: type=1326 audit(670.159:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23788 comm="syz.5.8546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  670.649287][   T26] audit: type=1326 audit(670.159:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23788 comm="syz.5.8546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  670.833677][   T26] audit: type=1326 audit(670.159:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23788 comm="syz.5.8546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  671.590843][   T26] audit: type=1326 audit(670.169:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23788 comm="syz.5.8546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f3e490416c9 code=0x7ffc0000
[  671.727889][T23837] loop5: detected capacity change from 0 to 128
[  671.800080][T23837] FAT-fs (loop5): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  671.917899][T23846] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  674.399023][T23934] netlink: 160 bytes leftover after parsing attributes in process `syz.4.8605'.
[  675.195787][T23934] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  675.687461][T23965] netlink: 156 bytes leftover after parsing attributes in process `syz.2.8616'.
[  675.820067][T23971] netlink: 44 bytes leftover after parsing attributes in process `syz.1.8619'.
[  675.849591][T23971] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8619'.
[  677.854476][T24028] netlink: 72 bytes leftover after parsing attributes in process `syz.5.8639'.
[  679.297825][   T26] audit: type=1326 audit(679.230:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24120 comm="syz.2.8676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2680f1c6c9 code=0x7ffc0000
[  679.360627][   T26] audit: type=1326 audit(679.260:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24120 comm="syz.2.8676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2680f1c6c9 code=0x7ffc0000
[  679.478240][   T26] audit: type=1326 audit(679.270:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24120 comm="syz.2.8676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2680f1c6c9 code=0x7ffc0000
[  679.601932][   T26] audit: type=1326 audit(679.270:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24120 comm="syz.2.8676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2680f1c6c9 code=0x7ffc0000
[  679.687936][   T26] audit: type=1326 audit(679.270:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24120 comm="syz.2.8676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2680f1c6c9 code=0x7ffc0000
[  680.005479][T24161] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8690'.
[  680.392934][T24183] netlink: 44 bytes leftover after parsing attributes in process `syz.6.8698'.
[  680.543952][T24193] loop6: detected capacity change from 0 to 512
[  680.673103][T24193] EXT4-fs (loop6): mounted filesystem without journal. Opts: nodiscard,max_dir_size_kb=0x0000000000000000,,errors=continue. Quota mode: writeback.
[  680.711312][T24204] binder: Unknown parameter 'contextÌ'
[  681.476264][T24237] netlink: 'syz.4.8716': attribute type 4 has an invalid length.
[  681.506726][T24237] netlink: 'syz.4.8716': attribute type 5 has an invalid length.
[  681.549247][T24237] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.8716'.
[  681.595922][T24245] loop5: detected capacity change from 0 to 512
[  681.782474][T24245] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  681.954451][T24245] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #16: comm syz.5.8720: invalid indirect mapped block 4294967295 (level 0)
[  682.053769][T24245] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #16: comm syz.5.8720: invalid indirect mapped block 4294967295 (level 1)
[  682.209469][T24245] EXT4-fs (loop5): 1 orphan inode deleted
[  682.259237][T24245] EXT4-fs (loop5): 1 truncate cleaned up
[  682.305611][T24245] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  682.340709][T24275] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8729'.
[  683.258295][T24329] binder: Bad value for 'stats'
[  683.371726][ T4238] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  683.518056][T24347] tmpfs: Unknown parameter 'n'
[  683.583563][T24348] loop5: detected capacity change from 0 to 128
[  683.639122][ T4238] usb 7-1: Using ep0 maxpacket: 32
[  683.969568][ T4238] usb 7-1: config 0 has no interfaces?
[  684.201243][ T4238] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  684.392280][ T4238] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  684.628357][ T4238] usb 7-1: Product: syz
[  684.660919][ T4238] usb 7-1: Manufacturer: syz
[  684.665576][ T4238] usb 7-1: SerialNumber: syz
[  684.674002][ T4238] usb 7-1: config 0 descriptor??
[  684.736223][T24348] hpfs: Bad version 183,140. Mount readonly to go around
[  684.819443][T24348] hpfs: please try recent version of HPFS driver at http://artax.karlin.mff.cuni.cz/~mikulas/vyplody/hpfs/index-e.cgi and if it still can't understand this format, contact author - mikulas@artax.karlin.mff.cuni.cz
[  684.956835][ T4238] usb 7-1: USB disconnect, device number 2
[  685.140395][T24381] netlink: 'syz.2.8769': attribute type 4 has an invalid length.
[  685.210319][T24381] netlink: 'syz.2.8769': attribute type 5 has an invalid length.
[  685.236021][T24381] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.8769'.
[  685.893040][T24408] fuse: Bad value for 'fd'
[  686.002363][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  686.008719][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  686.923432][T24467] netlink: 96 bytes leftover after parsing attributes in process `syz.1.8800'.
[  689.017090][T24506] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8812'.
[  689.276730][T24525] netlink: 20 bytes leftover after parsing attributes in process `syz.6.8822'.
[  689.514215][T24537] netlink: 132 bytes leftover after parsing attributes in process `syz.6.8827'.
[  690.316799][T24576] netlink: 'syz.6.8843': attribute type 4 has an invalid length.
[  690.335647][T24576] netlink: 'syz.6.8843': attribute type 5 has an invalid length.
[  690.351886][T24576] netlink: 3657 bytes leftover after parsing attributes in process `syz.6.8843'.
[  691.656721][T24618] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8865'.
[  692.581762][T24673] netlink: 20 bytes leftover after parsing attributes in process `syz.6.8892'.
[  693.789155][T24726] netlink: 20 bytes leftover after parsing attributes in process `syz.6.8916'.
[  693.988666][T24734] netlink: 28 bytes leftover after parsing attributes in process `syz.1.8919'.
[  694.015771][T24734] lo: Caught tx_queue_len zero misconfig
[  694.323948][T24747] netlink: 16 bytes leftover after parsing attributes in process `syz.2.8926'.
[  694.487640][T24757] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8931'.
[  695.363117][T24768] overlayfs: missing 'lowerdir'
[  695.778066][T24775] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8939'.
[  696.475032][T24817] loop6: detected capacity change from 0 to 512
[  696.588083][T24817] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  696.638873][T24817] EXT4-fs (loop6): 1 truncate cleaned up
[  696.644815][T24817] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  696.664170][   T26] audit: type=1800 audit(16778141.600:701): pid=24817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.8957" name="file1" dev="loop6" ino=15 res=0 errno=0
[  696.724344][T24825] netlink: 256 bytes leftover after parsing attributes in process `syz.5.8962'.
[  698.029024][T24884] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8990'.
[  698.453177][T24903] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8997'.
[  699.680015][T24966] netlink: 9 bytes leftover after parsing attributes in process `syz.6.9026'.
[  699.749691][T24966] device gretap0 entered promiscuous mode
[  701.308676][T25010] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9044'.
[  702.122037][T25053] xt_bpf: check failed: parse error
[  702.614533][T25076] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9075'.
[  702.649782][T25076] device ip_vti0 left promiscuous mode
[  702.671490][ T4323] Bluetooth: hci4: Frame reassembly failed (-84)
[  703.276055][T25075] chnl_net:caif_netlink_parms(): no params data found
[  703.481715][T25112] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9090'.
[  703.643283][T25075] bridge0: port 1(bridge_slave_0) entered blocking state
[  703.657675][T25075] bridge0: port 1(bridge_slave_0) entered disabled state
[  703.672137][T25075] device bridge_slave_0 entered promiscuous mode
[  703.690532][T25075] bridge0: port 2(bridge_slave_1) entered blocking state
[  703.697768][T25075] bridge0: port 2(bridge_slave_1) entered disabled state
[  703.777714][T25075] device bridge_slave_1 entered promiscuous mode
[  704.602432][T25075] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  704.647912][T17261] Bluetooth: hci0: command 0x0409 tx timeout
[  704.659377][T25075] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  704.718396][T17261] Bluetooth: hci4: command 0x1003 tx timeout
[  704.729087][T13962] Bluetooth: hci4: sending frame failed (-49)
[  704.888379][T25075] team0: Port device team_slave_0 added
[  704.896921][T25075] team0: Port device team_slave_1 added
[  704.951145][T25075] batman_adv: batadv0: Adding interface: batadv_slave_0
[  705.107001][T25075] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  705.162749][T25075] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  705.253724][T25075] batman_adv: batadv0: Adding interface: batadv_slave_1
[  705.290677][T25075] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  705.367112][T25075] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  705.865308][T25075] device hsr_slave_0 entered promiscuous mode
[  705.872479][T25075] device hsr_slave_1 entered promiscuous mode
[  705.883148][T25075] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  705.891113][T25075] Cannot create hsr debugfs directory
[  706.059296][T25075] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  706.087534][T25075] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  706.097300][T16955] tipc: Disabling bearer <eth:syzkaller0>
[  706.106838][T25075] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  706.113705][T16955] tipc: Left network mode
[  706.122787][T25075] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  706.226420][T25075] 8021q: adding VLAN 0 to HW filter on device bond0
[  706.247261][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  706.259455][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  706.270750][T25075] 8021q: adding VLAN 0 to HW filter on device team0
[  706.283805][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  706.293199][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  706.303903][T17025] bridge0: port 1(bridge_slave_0) entered blocking state
[  706.311051][T17025] bridge0: port 1(bridge_slave_0) entered forwarding state
[  706.345263][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  706.353645][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  706.363125][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  706.374569][T17025] bridge0: port 2(bridge_slave_1) entered blocking state
[  706.381716][T17025] bridge0: port 2(bridge_slave_1) entered forwarding state
[  706.394378][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  706.412899][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  706.429391][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  706.441508][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  706.456221][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  706.467183][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  706.480795][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  706.512661][T25075] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  706.527055][T25075] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  706.540767][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  706.554563][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  706.564026][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  706.576824][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  706.585979][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  706.727965][T17261] Bluetooth: hci0: command 0x041b tx timeout
[  706.756940][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  706.769157][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  706.783635][T25075] 8021q: adding VLAN 0 to HW filter on device batadv0
[  706.798274][T17261] Bluetooth: hci4: command 0x1001 tx timeout
[  706.804380][T13962] Bluetooth: hci4: sending frame failed (-49)
[  707.028438][T16955] device hsr_slave_0 left promiscuous mode
[  707.035219][T16955] device hsr_slave_1 left promiscuous mode
[  707.046578][T16955] device vlan2 left promiscuous mode
[  707.052742][T16955] bridge0: port 3(vlan2) entered disabled state
[  707.064258][T16955] device bridge_slave_1 left promiscuous mode
[  707.073515][T16955] bridge0: port 2(bridge_slave_1) entered disabled state
[  707.086403][T16955] device bridge_slave_0 left promiscuous mode
[  707.093258][T16955] bridge0: port 1(bridge_slave_0) entered disabled state
[  707.366446][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  707.375476][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  707.396284][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  707.407834][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  707.417836][T25075] device veth0_vlan entered promiscuous mode
[  707.432500][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  707.446436][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  707.461192][T25075] device veth1_vlan entered promiscuous mode
[  707.485946][T17027] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  707.494821][T17027] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  707.503712][T17027] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  707.513305][T17027] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  707.526649][T25075] device veth0_macvtap entered promiscuous mode
[  707.565537][T25075] device veth1_macvtap entered promiscuous mode
[  707.604910][T25075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  707.616963][T25075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  707.632683][T25075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  707.645118][T25075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  707.660727][T25075] batman_adv: batadv0: Interface activated: batadv_slave_0
[  707.669536][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  707.681973][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  707.690604][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  707.703640][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  707.728363][T25075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  707.743194][T25075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  707.755834][T25075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  707.771288][T25075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  707.783091][T25075] batman_adv: batadv0: Interface activated: batadv_slave_1
[  707.795418][T17027] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  707.815924][T17027] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  707.828425][T25075] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  707.837163][T25075] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  707.850397][T25075] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  707.860852][T25075] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  707.988169][T16946] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  707.996559][T16946] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  708.051712][T16946] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  708.095905][T16946] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  708.105396][T16946] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  708.143529][T17027] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  708.414430][T25218] netlink: 16 bytes leftover after parsing attributes in process `syz.7.9104'.
[  708.798078][ T4238] Bluetooth: hci0: command 0x040f tx timeout
[  708.881863][ T4238] Bluetooth: hci4: command 0x1009 tx timeout
[  710.106745][T25311] netlink: 80 bytes leftover after parsing attributes in process `syz.5.9143'.
[  710.877709][ T4238] Bluetooth: hci0: command 0x0419 tx timeout
[  712.503183][T25410] netlink: 32 bytes leftover after parsing attributes in process `syz.5.9185'.
[  712.523104][T25414] device veth1_macvtap left promiscuous mode
[  712.536336][T25414] device macsec0 entered promiscuous mode
[  712.568117][T25415] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9183'.
[  712.716572][T25415] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  712.751058][T25415] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  712.786964][T25415] bond0 (unregistering): Released all slaves
[  712.913845][T25422] 8021q: adding VLAN 0 to HW filter on device bond1
[  713.053936][T25446] loop6: detected capacity change from 0 to 256
[  713.076765][T25426] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  713.086585][T25445] netlink: 'syz.2.9196': attribute type 4 has an invalid length.
[  713.109671][T25445] netlink: 17 bytes leftover after parsing attributes in process `syz.2.9196'.
[  713.130615][T17025] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  713.229859][T25446] attempt to access beyond end of device
[  713.229859][T25446] loop6: rw=2049, want=260, limit=256
[  713.260649][T25446] attempt to access beyond end of device
[  713.260649][T25446] loop6: rw=2049, want=260, limit=256
[  713.650143][T25469] netlink: 'syz.7.9205': attribute type 1 has an invalid length.
[  713.714818][T25469] bond0 (unregistering): Released all slaves
[  713.790348][T25478] netlink: 28 bytes leftover after parsing attributes in process `syz.7.9205'.
[  713.955708][T25488] netlink: 40 bytes leftover after parsing attributes in process `syz.5.9214'.
[  713.992584][T25488] netlink: 40 bytes leftover after parsing attributes in process `syz.5.9214'.
[  714.022012][T25488] netlink: 40 bytes leftover after parsing attributes in process `syz.5.9214'.
[  714.045496][T25488] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[  714.218786][T25505] netlink: 44 bytes leftover after parsing attributes in process `syz.7.9218'.
[  714.762894][T25548] loop7: detected capacity change from 0 to 8
[  715.275281][T25581] netlink: 5 bytes leftover after parsing attributes in process `syz.1.9250'.
[  715.332361][   T26] audit: type=1326 audit(16778160.265:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25582 comm="syz.7.9251" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x0
[  715.869646][T25616] tmpfs: Unknown parameter 'no'
[  716.157593][T17264] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  716.312997][T25641] loop7: detected capacity change from 0 to 1024
[  716.439926][T25641] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[  716.494836][T25641] EXT4-fs (loop7): Ignoring removed oldalloc option
[  716.550642][T25641] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  716.665387][T25641] EXT4-fs (loop7): mounted filesystem without journal. Opts: mblk_io_submit,quota,resuid=0x0000000000000000,oldalloc,discard,max_dir_size_kb=0x00000000000007b1,nolazytime,nodioread_nolock,nomblk_io_submit,nodelalloc,inode_readahead_blks=0x0000000000000400,,errors=continue. Quota mode: writeback.
[  716.694055][T17264] usb 7-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  716.714186][T17264] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  716.727231][T17264] usb 7-1: Product: syz
[  716.731459][T17264] usb 7-1: Manufacturer: syz
[  716.746472][T17264] usb 7-1: SerialNumber: syz
[  716.761951][T17264] usb 7-1: config 0 descriptor??
[  716.811592][T17264] i2c-tiny-usb 7-1:0.0: version 6d.cc found at bus 007 address 003
[  717.457405][T17264] i2c i2c-1: failure reading functionality
[  717.491144][T17264] i2c i2c-1: connected i2c-tiny-usb device
[  717.562929][T17264] usb 7-1: USB disconnect, device number 3
[  719.057188][T25758] device sit0 entered promiscuous mode
[  719.234583][T25758] netlink: 'syz.5.9317': attribute type 1 has an invalid length.
[  719.387232][T25758] netlink: 'syz.5.9317': attribute type 3 has an invalid length.
[  720.557740][T25793] netlink: 'syz.6.9338': attribute type 32 has an invalid length.
[  722.610972][T25836] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9348'.
[  722.873659][T25849] netlink: 72 bytes leftover after parsing attributes in process `syz.5.9354'.
[  723.364543][T25879] input: syz1 as /devices/virtual/input/input12
[  723.587203][T25887] overlayfs: missing 'lowerdir'
[  723.684271][T25893] netlink: 48 bytes leftover after parsing attributes in process `syz.6.9372'.
[  724.130960][T25914] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9381'.
[  724.160429][T25914] netlink: 32 bytes leftover after parsing attributes in process `syz.7.9381'.
[  724.815790][T25945] netlink: 12 bytes leftover after parsing attributes in process `syz.6.9395'.
[  726.406749][ T4292] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  726.574341][T26038] overlayfs: failed to resolve './file1': -2
[  726.796923][ T4292] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  726.873490][ T4292] usb 6-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  727.065515][ T4292] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.082470][ T4292] usb 6-1: config 0 descriptor??
[  727.118366][T26012] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  728.067871][ T4292] usbhid 6-1:0.0: can't add hid device: -71
[  728.079446][ T4292] usbhid: probe of 6-1:0.0 failed with error -71
[  728.140562][ T4292] usb 6-1: USB disconnect, device number 5
[  728.345402][T26097] netlink: 188 bytes leftover after parsing attributes in process `syz.6.9458'.
[  729.305609][T26149] netlink: 'syz.2.9480': attribute type 12 has an invalid length.
[  729.343754][T26151] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9478'.
[  729.742141][T26169] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9489'.
[  730.946401][T17264] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  731.466718][T17264] usb 6-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  731.500555][T17264] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  731.537102][T17264] usb 6-1: Product: syz
[  731.561639][T17264] usb 6-1: Manufacturer: syz
[  731.568896][T26216] netlink: 44 bytes leftover after parsing attributes in process `syz.1.9508'.
[  731.581922][T17264] usb 6-1: SerialNumber: syz
[  731.614194][T26216] netlink: 67 bytes leftover after parsing attributes in process `syz.1.9508'.
[  731.616131][T17264] usb 6-1: config 0 descriptor??
[  731.718271][T17264] i2c-tiny-usb 6-1:0.0: version 6d.cc found at bus 006 address 006
[  731.958731][T26232] netlink: 96 bytes leftover after parsing attributes in process `syz.2.9514'.
[  732.396990][T17264] i2c i2c-1: failure reading functionality
[  732.588368][T17264] i2c i2c-1: connected i2c-tiny-usb device
[  732.943808][T17264] usb 6-1: USB disconnect, device number 6
[  736.073649][T26369] netlink: 108 bytes leftover after parsing attributes in process `syz.5.9565'.
[  736.115540][T26369] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9565'.
[  736.210026][T26376] netlink: 56 bytes leftover after parsing attributes in process `syz.7.9568'.
[  736.434248][T26389] 9pnet_virtio: no channels available for device syz
[  736.716298][T26404] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9580'.
[  738.933848][T26542] netlink: 172 bytes leftover after parsing attributes in process `syz.2.9632'.
[  738.990768][T26542] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9632'.
[  739.056412][T26542] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9632'.
[  739.461527][T26576] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9646'.
[  740.104596][T26615] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9663'.
[  740.632785][T26647] 9pnet: Could not find request transport: f
[  743.039110][T26726] binder: 26723:26726 ioctl 40046205 0 returned -22
[  743.104394][T26726] binder: 26723:26726 ioctl c0306201 200000000300 returned -11
[  744.557063][   T26] audit: type=1326 audit(16778189.497:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26802 comm="syz.1.9740" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x0
[  744.725859][ T4232] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  745.130063][ T4232] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  745.161411][ T4232] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  745.188860][T26832] x_tables: duplicate underflow at hook 2
[  745.209235][ T4232] usb 7-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  745.243597][ T4232] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  745.269198][ T4232] usb 7-1: config 0 descriptor??
[  746.041761][   T26] audit: type=1326 audit(16778190.977:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26867 comm="syz.7.9771" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x0
[  746.445753][ T4232] usbhid 7-1:0.0: can't add hid device: -71
[  746.452067][ T4232] usbhid: probe of 7-1:0.0 failed with error -71
[  746.489769][ T4232] usb 7-1: USB disconnect, device number 4
[  747.439111][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  747.445615][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  747.764636][T26933] sctp: [Deprecated]: syz.2.9801 (pid 26933) Use of int in max_burst socket option.
[  747.764636][T26933] Use struct sctp_assoc_value instead
[  748.892687][T26981] loop7: detected capacity change from 0 to 128
[  748.906703][T26982] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9822'.
[  749.059208][T26981] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  749.708184][T27013] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9837'.
[  750.592460][T27058] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9857'.
[  751.993385][T27072] 9pnet: Insufficient options for proto=fd
[  752.734172][T27094] fuse: Unknown parameter '&'
[  753.235911][T27111] netlink: 'syz.1.9880': attribute type 10 has an invalid length.
[  753.276024][T27111] netlink: 40 bytes leftover after parsing attributes in process `syz.1.9880'.
[  753.463697][T27111] team0: Port device geneve0 added
[  753.470173][T27114] debugfs: Directory 'netdev:nicvf0' with parent 'phy7' already present!
[  753.776128][T27141] overlayfs: overlapping lowerdir path
[  753.960064][T27154] loop6: detected capacity change from 0 to 512
[  754.050345][T27154] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  754.075179][T27154] EXT4-fs (loop6): inline encryption not supported
[  754.108316][T27154] EXT4-fs (loop6): Test dummy encryption mode enabled
[  754.150896][T27154] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  754.185501][T27154] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  754.300268][T27154] EXT4-fs (loop6): 1 truncate cleaned up
[  754.306140][T27154] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none.
[  754.471605][T27185] overlayfs: missing 'lowerdir'
[  754.673074][T27195] usb usb1: usbfs: interface 0 claimed by hub while 'syz.6.9920' sets config #0
[  755.094011][T27224] netlink: 8 bytes leftover after parsing attributes in process `syz.6.9933'.
[  755.551957][T27249] loop7: detected capacity change from 0 to 512
[  755.624079][T27249] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[  755.633271][T27249] EXT4-fs (loop7): inline encryption not supported
[  755.653746][T27249] EXT4-fs (loop7): Test dummy encryption mode enabled
[  755.672938][T27249] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[  755.686366][T27249] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  755.738508][T27249] EXT4-fs (loop7): 1 truncate cleaned up
[  755.746258][T27249] EXT4-fs (loop7): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none.
[  757.715749][T27351] loop5: detected capacity change from 0 to 512
[  757.769987][T27351] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[  757.796975][T27351] EXT4-fs (loop5): inline encryption not supported
[  757.825937][T27351] EXT4-fs (loop5): Test dummy encryption mode enabled
[  757.832830][T27351] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[  757.860819][T27351] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  757.889600][T27351] EXT4-fs (loop5): 1 truncate cleaned up
[  757.907077][T27351] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,mblk_io_submit,inlinecrypt,test_dummy_encryption=v1,barrier,mblk_io_submit,nogrpid,. Quota mode: none.
[  758.197075][T27368] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  759.016202][   T26] audit: type=1804 audit(16778203.948:705): pid=27419 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.10019" name="bus" dev="ramfs" ino=128741 res=1 errno=0
[  759.219204][   T26] audit: type=1804 audit(16778204.138:706): pid=27427 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.10019" name="bus" dev="ramfs" ino=128741 res=1 errno=0
[  759.304840][T27430] autofs4:pid:27430:autofs_fill_super: called with bogus options
[  760.145376][T17261] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  760.508659][T17261] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  760.527655][T17261] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  760.576973][T17261] usb 6-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  760.590914][T27454] x_tables: duplicate underflow at hook 1
[  760.603967][T17261] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  760.626652][T17261] usb 6-1: config 0 descriptor??
[  760.734269][   T26] audit: type=1326 audit(16778205.668:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27462 comm="syz.7.10034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  760.802716][   T26] audit: type=1326 audit(16778205.678:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27462 comm="syz.7.10034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  760.852862][   T26] audit: type=1326 audit(16778205.678:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27462 comm="syz.7.10034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  760.884201][   T26] audit: type=1326 audit(16778205.678:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27462 comm="syz.7.10034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  760.907190][   T26] audit: type=1326 audit(16778205.678:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27462 comm="syz.7.10034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  760.941645][   T26] audit: type=1326 audit(16778205.678:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27462 comm="syz.7.10034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  761.004771][   T26] audit: type=1326 audit(16778205.678:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27462 comm="syz.7.10034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  761.364811][T17261] usbhid 6-1:0.0: can't add hid device: -71
[  761.371043][T17261] usbhid: probe of 6-1:0.0 failed with error -71
[  761.414161][T17261] usb 6-1: USB disconnect, device number 7
[  762.495561][T27534] netlink: 12 bytes leftover after parsing attributes in process `syz.6.10068'.
[  762.528366][T27534] netlink: 16 bytes leftover after parsing attributes in process `syz.6.10068'.
[  762.809850][T27544] loop7: detected capacity change from 0 to 1024
[  762.882535][T27544] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  762.993410][T27544] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000080,nodelalloc,grpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  763.401119][   T26] audit: type=1326 audit(16778208.338:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27556 comm="syz.6.10079" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ca19096c9 code=0x7ffc0000
[  763.473160][T27561] netlink: 4 bytes leftover after parsing attributes in process `syz.7.10077'.
[  765.017226][T27603] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10096'.
[  765.064462][T27603] netlink: 12 bytes leftover after parsing attributes in process `syz.2.10096'.
[  765.092691][T27603] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10096'.
[  765.110582][T27607] netlink: 64 bytes leftover after parsing attributes in process `syz.1.10098'.
[  765.159345][T27603] netlink: 8 bytes leftover after parsing attributes in process `syz.2.10096'.
[  766.618523][T27645] netlink: 8 bytes leftover after parsing attributes in process `syz.6.10115'.
[  766.658801][T27645] netlink: 12 bytes leftover after parsing attributes in process `syz.6.10115'.
[  767.019969][T27668] device bridge_slave_1 left promiscuous mode
[  767.032804][T27668] bridge0: port 2(bridge_slave_1) entered disabled state
[  767.113111][T27668] device bridge_slave_0 left promiscuous mode
[  767.123873][T27668] bridge0: port 1(bridge_slave_0) entered disabled state
[  768.392771][T27700] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  768.712341][   T26] kauditd_printk_skb: 6 callbacks suppressed
[  768.712356][   T26] audit: type=1804 audit(16778213.648:721): pid=27713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.10146" name="bus" dev="ramfs" ino=130225 res=1 errno=0
[  768.859879][T27707] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.903551][   T26] audit: type=1804 audit(16778213.688:722): pid=27713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.10146" name="bus" dev="ramfs" ino=130225 res=1 errno=0
[  769.586032][T27707] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  769.700859][T27729] __nla_validate_parse: 7 callbacks suppressed
[  769.700874][T27729] netlink: 4 bytes leftover after parsing attributes in process `syz.6.10152'.
[  769.796331][T27729] device bridge_slave_1 left promiscuous mode
[  769.819117][T27729] bridge0: port 2(bridge_slave_1) entered disabled state
[  769.842985][T27729] device bridge_slave_0 left promiscuous mode
[  769.863399][T27729] bridge0: port 1(bridge_slave_0) entered disabled state
[  770.187686][T27707] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  770.368950][T27707] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  770.683043][T27707] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  770.763325][T27707] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  770.813561][T27707] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  770.894438][T27707] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  771.053546][   T26] audit: type=1804 audit(16778215.991:723): pid=27766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.10166" name="bus" dev="ramfs" ino=129794 res=1 errno=0
[  771.170669][   T26] audit: type=1804 audit(16778216.021:724): pid=27766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.10166" name="bus" dev="ramfs" ino=129794 res=1 errno=0
[  772.246057][T27791] netlink: 132 bytes leftover after parsing attributes in process `syz.2.10179'.
[  772.699789][T27813] binder: 27812:27813 ioctl 4008ae9c 0 returned -22
[  772.814431][T27819] netlink: 104 bytes leftover after parsing attributes in process `syz.1.10192'.
[  772.948908][T27827] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10196'.
[  773.057339][   T26] audit: type=1804 audit(16778218.001:725): pid=27835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.10198" name="bus" dev="ramfs" ino=130488 res=1 errno=0
[  773.147567][   T26] audit: type=1804 audit(16778218.011:726): pid=27835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.10198" name="bus" dev="ramfs" ino=130488 res=1 errno=0
[  774.927634][   T26] audit: type=1804 audit(16778219.871:727): pid=27900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.10230" name="bus" dev="ramfs" ino=130015 res=1 errno=0
[  775.056770][   T26] audit: type=1804 audit(16778219.891:728): pid=27900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.10230" name="bus" dev="ramfs" ino=130015 res=1 errno=0
[  775.114342][ T8630] Bluetooth: hci1: command 0x0406 tx timeout
[  780.344943][T27974] netlink: 108 bytes leftover after parsing attributes in process `syz.5.10261'.
[  780.360972][T27974] netlink: 20 bytes leftover after parsing attributes in process `syz.5.10261'.
[  780.536189][T27984] sg_write: data in/out 16514940/1 bytes for SCSI command 0x1c-- guessing data in;
[  780.536189][T27984]    program syz.6.10258 not setting count and/or reply_len properly
[  781.941049][T28026] netlink: 17 bytes leftover after parsing attributes in process `syz.1.10283'.
[  782.454419][   T26] audit: type=1326 audit(16778227.381:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28047 comm="syz.1.10294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  782.629720][   T26] audit: type=1326 audit(16778227.381:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28047 comm="syz.1.10294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  782.839727][   T26] audit: type=1326 audit(16778227.381:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28047 comm="syz.1.10294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  782.878529][T28061] netlink: 20 bytes leftover after parsing attributes in process `syz.7.10299'.
[  783.057246][   T26] audit: type=1326 audit(16778227.381:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28047 comm="syz.1.10294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  783.277934][   T26] audit: type=1326 audit(16778227.381:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28047 comm="syz.1.10294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  783.533488][   T26] audit: type=1326 audit(16778227.381:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28047 comm="syz.1.10294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  783.733786][   T26] audit: type=1326 audit(16778227.381:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28047 comm="syz.1.10294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  783.860063][   T26] audit: type=1326 audit(16778227.381:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28047 comm="syz.1.10294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  783.882901][   T26] audit: type=1326 audit(16778227.381:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28047 comm="syz.1.10294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  783.906817][   T26] audit: type=1326 audit(16778227.381:738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28047 comm="syz.1.10294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f27994c76c9 code=0x7ffc0000
[  785.212286][T28146] tmpfs: Bad value for 'nr_inodes'
[  787.857762][T28188] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10355'.
[  787.904662][   T26] kauditd_printk_skb: 49 callbacks suppressed
[  787.904677][   T26] audit: type=1326 audit(16778232.851:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28185 comm="syz.5.10354" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3e490416c9 code=0x0
[  788.287483][T28206] netlink: 96 bytes leftover after parsing attributes in process `syz.1.10363'.
[  790.886290][T28301] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10408'.
[  791.066812][   T26] audit: type=1326 audit(16778236.011:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28304 comm="syz.7.10409" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x0
[  791.125450][T28311] xt_l2tp: missing protocol rule (udp|l2tpip)
[  791.603101][T28337] ptrace attach of "./syz-executor exec"[28338] was attempted by "./syz-executor exec"[28337]
[  794.943189][T28428] netlink: 'syz.7.10463': attribute type 16 has an invalid length.
[  794.992832][T28428] netlink: 64130 bytes leftover after parsing attributes in process `syz.7.10463'.
[  797.204845][T28509] autofs4:pid:28509:autofs_fill_super: called with bogus options
[  798.141003][T28533] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  798.743653][T28559] netlink: 9 bytes leftover after parsing attributes in process `syz.7.10524'.
[  798.823859][T28564] loop6: detected capacity change from 0 to 512
[  799.070644][T28564] EXT4-fs (loop6): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue. Quota mode: writeback.
[  801.340904][T28647] netlink: 8 bytes leftover after parsing attributes in process `syz.1.10563'.
[  801.562695][T28661] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10569'.
[  801.598787][T28661] device ip6_vti0 entered promiscuous mode
[  801.957528][T28681] overlayfs: failed to clone upperpath
[  802.572087][T28713] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10596'.
[  803.210617][T28751] netlink: 96 bytes leftover after parsing attributes in process `syz.7.10613'.
[  803.257160][T28757] netlink: 20 bytes leftover after parsing attributes in process `syz.1.10616'.
[  803.432700][T28763] netlink: 16 bytes leftover after parsing attributes in process `syz.6.10617'.
[  804.741798][T28830] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10650'.
[  806.271374][T28861] netlink: 16 bytes leftover after parsing attributes in process `syz.7.10671'.
[  809.824822][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  809.831299][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  810.036838][T28940] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  811.923023][T28940] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  813.041202][T28940] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  813.214947][T28940] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  813.407011][T28940] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  813.425886][T28940] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  813.443620][T28940] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  813.459753][T28940] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  813.523717][T28984] netlink: 104 bytes leftover after parsing attributes in process `syz.6.10722'.
[  814.090382][T29017] netlink: 104 bytes leftover after parsing attributes in process `syz.7.10727'.
[  815.963595][T29062] binder: 29060:29062 ioctl 4008ae9c 0 returned -22
[  818.289321][T29102] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.376252][T29102] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.501012][T29102] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.646587][T29102] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.800705][T29102] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  819.851745][T29102] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  819.895841][T29102] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  819.967652][T29102] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  820.189283][T29161] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10786'.
[  820.498604][T29172] loop6: detected capacity change from 0 to 4096
[  821.953756][T29195] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  822.134077][T29195] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  822.302117][T29195] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  822.583785][T29219] loop7: detected capacity change from 0 to 4096
[  822.631213][T29195] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  823.798319][T29195] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  823.829170][T29195] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  823.896948][T29195] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  823.932511][T29195] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  824.106313][T29246] netlink: 17 bytes leftover after parsing attributes in process `syz.5.10822'.
[  826.314271][ T8630] Bluetooth: hci0: command 0x0406 tx timeout
[  827.174321][T29274] sg_write: data in/out 16514940/1 bytes for SCSI command 0x1c-- guessing data in;
[  827.174321][T29274]    program syz.5.10844 not setting count and/or reply_len properly
[  829.062488][T29295] netlink: 17 bytes leftover after parsing attributes in process `syz.7.10845'.
[  829.459394][   T26] audit: type=1326 audit(16778274.398:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29304 comm="syz.7.10851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  829.536866][   T26] audit: type=1326 audit(16778274.428:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29304 comm="syz.7.10851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  829.670773][T29301] netlink: 96 bytes leftover after parsing attributes in process `syz.2.10849'.
[  829.834065][   T26] audit: type=1326 audit(16778274.428:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29304 comm="syz.7.10851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  829.944529][T29308] loop5: detected capacity change from 0 to 4096
[  829.964029][   T26] audit: type=1326 audit(16778274.428:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29304 comm="syz.7.10851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  830.105351][   T26] audit: type=1326 audit(16778274.428:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29304 comm="syz.7.10851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  830.131867][   T26] audit: type=1326 audit(16778274.428:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29304 comm="syz.7.10851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  830.222295][   T26] audit: type=1326 audit(16778274.428:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29304 comm="syz.7.10851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  830.588820][   T26] audit: type=1326 audit(16778274.428:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29304 comm="syz.7.10851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  831.115634][   T26] audit: type=1326 audit(16778274.428:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29304 comm="syz.7.10851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  831.140122][   T26] audit: type=1326 audit(16778274.428:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29304 comm="syz.7.10851" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x7ffc0000
[  832.820287][T29347] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  833.016827][T29347] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  834.536119][T29347] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  834.603566][T29347] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  834.688712][T29347] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  834.702982][T29347] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  834.728926][T29347] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  834.744939][T29347] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  834.932827][T29386] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  835.042060][T29386] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  835.189874][T29386] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  835.279382][T29386] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  835.746275][T29396] xt_l2tp: missing protocol rule (udp|l2tpip)
[  835.921913][T29402] tmpfs: Bad value for 'nr_inodes'
[  836.638674][T29426] netlink: 96 bytes leftover after parsing attributes in process `syz.5.10902'.
[  841.551892][T29386] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  841.565796][T29386] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  841.579489][T29386] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  841.592382][T29386] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  842.389336][T29477] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  842.467902][   T26] kauditd_printk_skb: 43 callbacks suppressed
[  842.467919][   T26] audit: type=1326 audit(16778287.408:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29480 comm="syz.6.10936" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9ca19096c9 code=0x0
[  842.569368][T29477] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  842.726037][T29477] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  842.803770][T29477] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  842.899649][T29477] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  842.940109][T29477] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  842.959442][T29477] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  842.980036][T29477] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  843.359089][   T26] audit: type=1326 audit(16778288.298:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29511 comm="syz.2.10939" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2680f1c6c9 code=0x0
[  845.064061][T29573] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  845.200597][T29573] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  845.308201][   T26] audit: type=1326 audit(16778290.248:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29584 comm="syz.7.10973" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feb17df56c9 code=0x0
[  845.311070][T29573] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  845.517017][T29573] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  845.729238][T29596] xt_l2tp: missing protocol rule (udp|l2tpip)
[  845.775430][T29573] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  845.826385][T29573] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  845.896386][T29573] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  845.959279][T29573] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  846.530359][T29628] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  846.598872][T29628] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  846.688818][T29628] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  846.839707][T29628] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  847.436478][T29659] device ip6_vti0 left promiscuous mode
[  847.483734][T29659] netlink: 9 bytes leftover after parsing attributes in process `syz.1.11006'.
[  847.551362][T29664] loop5: detected capacity change from 0 to 512
[  847.761510][T29664] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000001000,nodiscard,quota,,errors=continue. Quota mode: writeback.
[  853.143643][T29628] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  853.157415][T29628] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  853.170668][T29628] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  853.183535][T29628] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  853.892445][T29727] netlink: 16 bytes leftover after parsing attributes in process `syz.5.11039'.
[  853.927619][T29727] device ip6_vti0 entered promiscuous mode
[  854.672350][T29770] netlink: 20 bytes leftover after parsing attributes in process `syz.7.11060'.
[  855.793726][T29787] loop6: detected capacity change from 0 to 64
[  857.194675][T29806] netlink: 12 bytes leftover after parsing attributes in process `syz.7.11071'.
[  859.356752][T29840] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(8)
[  859.363601][T29840] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  859.402527][T29840] vhci_hcd vhci_hcd.0: Device attached
[  859.453197][T29841] vhci_hcd: connection closed
[  859.462378][T17025] vhci_hcd: stop threads
[  859.478845][T17025] vhci_hcd: release socket
[  859.483349][T17025] vhci_hcd: disconnect device
[  861.711339][T29917] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11120'.
[  864.998764][T29985] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11150'.
[  865.108293][T29987] loop7: detected capacity change from 0 to 128
[  865.245544][T29987] EXT4-fs (loop7): Ignoring removed nomblk_io_submit option
[  865.252909][T29987] EXT4-fs (loop7): Ignoring removed oldalloc option
[  865.308635][T29987] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpquota,grpjquota=,nomblk_io_submit,jqfmt=vfsold,oldalloc,,errors=continue. Quota mode: writeback.
[  865.990234][T30030] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  866.071975][T30038] loop5: detected capacity change from 0 to 128
[  866.097159][T30030] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  866.107965][T30038] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  866.152148][T30038] EXT4-fs (loop5): Ignoring removed oldalloc option
[  866.179883][T30038] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,grpjquota=,nomblk_io_submit,jqfmt=vfsold,oldalloc,,errors=continue. Quota mode: writeback.
[  866.214919][T30030] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  866.331512][T30030] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  866.525395][T30030] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  866.540389][T30030] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  866.555224][T30030] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  866.570058][T30030] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  866.637715][T30051] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11180'.
[  866.975470][   T26] audit: type=1326 audit(16778311.888:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=30064 comm="syz.5.11187" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3e490416c9 code=0x0
[  868.165708][T30080] netlink: 16 bytes leftover after parsing attributes in process `syz.7.11202'.
[  868.178346][T30082] loop6: detected capacity change from 0 to 128
[  868.189238][T30080] device ip6_vti0 entered promiscuous mode
[  868.289655][T30082] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  868.300286][T30082] EXT4-fs (loop6): Ignoring removed oldalloc option
[  868.333177][T30090] netlink: 8 bytes leftover after parsing attributes in process `syz.2.11197'.
[  868.365068][T30082] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpquota,grpjquota=,nomblk_io_submit,jqfmt=vfsold,oldalloc,,errors=continue. Quota mode: writeback.
[  868.883860][T30125] netlink: 16 bytes leftover after parsing attributes in process `syz.6.11211'.
[  868.930029][T30125] device ip6_vti0 entered promiscuous mode
[  869.060186][T30136] loop5: detected capacity change from 0 to 128
[  869.142397][T30136] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  869.170381][T30136] EXT4-fs (loop5): Ignoring removed oldalloc option
[  869.207198][T30136] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,grpjquota=,nomblk_io_submit,jqfmt=vfsold,oldalloc,,errors=continue. Quota mode: writeback.
[  869.639577][T30169] netlink: 16 bytes leftover after parsing attributes in process `syz.2.11230'.
[  869.667766][T30169] device ip6_vti0 entered promiscuous mode
[  871.528851][ T1428] ieee802154 phy0 wpan0: encryption failed: -22
[  871.559624][ T1428] ieee802154 phy1 wpan1: encryption failed: -22
[  873.673819][T30237] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11255'.
[  873.716822][T30237] device ip6_vti0 entered promiscuous mode
[  875.205248][T30254] netlink: 20 bytes leftover after parsing attributes in process `syz.6.11259'.
[  875.457140][T30265] loop5: detected capacity change from 0 to 512
[  875.479747][T30268] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  875.595099][T30265] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: inode #11: comm syz.5.11268: ea_inode with extended attributes
[  875.649053][T30265] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.11268: error while reading EA inode 11 err=-117
[  875.702812][T30265] EXT4-fs (loop5): 1 orphan inode deleted
[  875.716685][T30265] EXT4-fs (loop5): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue. Quota mode: none.
[  876.738127][T30318] netlink: 'syz.1.11292': attribute type 16 has an invalid length.
[  876.762522][T30318] netlink: 64130 bytes leftover after parsing attributes in process `syz.1.11292'.
[  877.460857][T30349] ptrace attach of "./syz-executor exec"[30350] was attempted by "./syz-executor exec"[30349]
[  877.813942][T30359] loop7: detected capacity change from 0 to 512
[  877.852549][T30360] netlink: 'syz.2.11307': attribute type 16 has an invalid length.
[  877.932304][T30360] netlink: 64130 bytes leftover after parsing attributes in process `syz.2.11307'.
[  877.943175][T30359] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: inode #11: comm syz.7.11308: ea_inode with extended attributes
[  878.085309][T30359] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.11308: error while reading EA inode 11 err=-117
[  878.162153][T30359] EXT4-fs (loop7): 1 orphan inode deleted
[  878.172172][T30359] EXT4-fs (loop7): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue. Quota mode: none.
[  880.691414][T30424] loop6: detected capacity change from 0 to 512
[  880.762472][T30426] netlink: 20 bytes leftover after parsing attributes in process `syz.5.11333'.
[  880.841814][T30424] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: inode #11: comm syz.6.11329: ea_inode with extended attributes
[  881.002741][T30424] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.11329: error while reading EA inode 11 err=-117
[  881.085668][T30424] EXT4-fs (loop6): 1 orphan inode deleted
[  881.091551][T30424] EXT4-fs (loop6): mounted filesystem without journal. Opts: nodioread_nolock,journal_dev=0x00000000000000ff,debug_want_extra_isize=0x000000000000004c,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000008d55,,errors=continue. Quota mode: none.
[  882.611247][T30446] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.730878][T30446] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.882969][T30446] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  883.051743][T30446] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  883.361461][T30446] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  883.447104][T30446] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  883.558534][T30446] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  883.655081][T30446] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  988.444099][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  988.451105][    C1] rcu: 	0-...!: (1 GPs behind) idle=369/1/0x4000000000000000 softirq=90790/90791 fqs=18 
[  988.462948][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P30350/1:b..l
[  988.470987][    C1] 	(detected by 1, t=10502 jiffies, g=121121, q=299)
[  988.477802][    C1] Sending NMI from CPU 1 to CPUs 0:
[  988.483027][    C0] NMI backtrace for cpu 0
[  988.483037][    C0] CPU: 0 PID: 17004 Comm: kworker/u4:55 Not tainted syzkaller #0
[  988.483054][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  988.483081][    C0] Workqueue: bat_events batadv_nc_worker
[  988.483194][    C0] RIP: 0010:__lock_acquire+0x36f/0x7c60
[  988.483267][    C0] Code: 04 80 48 8b 4c 24 30 4c 8d a4 c1 f0 0a 00 00 48 8d 8c c1 10 0b 00 00 48 89 4c 24 18 48 c1 e9 03 48 89 4c 24 58 42 0f b6 04 01 <84> c0 0f 85 10 63 00 00 4c 8b 7d 18 48 89 54 24 60 41 89 d6 b8 00
[  988.483281][    C0] RSP: 0000:ffffc900000078c0 EFLAGS: 00000806
[  988.483295][    C0] RAX: 0000000000000000 RBX: ffff88801e2e4b00 RCX: 1ffff1100b804524
[  988.483307][    C0] RDX: 000000000000103f RSI: 0000000000000000 RDI: ffff88801e2e4b00
[  988.483318][    C0] RBP: ffffc90000007b10 R08: dffffc0000000000 R09: 0000000000000001
[  988.483330][    C0] R10: fffffbfff1ad33a6 R11: 1ffffffff1ad33a5 R12: ffff88805c022900
[  988.483343][    C0] R13: 0000000000000000 R14: ffff88805c0228f8 R15: 000000000000000a
[  988.483354][    C0] FS:  0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  988.483369][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  988.483386][    C0] CR2: 000020000008d030 CR3: 000000005b1b7000 CR4: 00000000003506f0
[  988.483401][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  988.483410][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  988.483421][    C0] Call Trace:
[  988.483428][    C0]  <IRQ>
[  988.483446][    C0]  ? try_to_wake_up+0x69d/0x1050
[  988.483487][    C0]  ? verify_lock_unused+0x140/0x140
[  988.483506][    C0]  ? verify_lock_unused+0x140/0x140
[  988.483529][    C0]  ? __pv_queued_spin_lock_slowpath+0x7e6/0x9c0
[  988.483552][    C0]  lock_acquire+0x197/0x3f0
[  988.483570][    C0]  ? advance_sched+0x47/0x940
[  988.483640][    C0]  ? __hrtimer_run_queues+0x441/0xc40
[  988.483679][    C0]  ? read_lock_is_recursive+0x10/0x10
[  988.483698][    C0]  ? __lock_acquire+0x7c60/0x7c60
[  988.483717][    C0]  ? __rwlock_init+0x140/0x140
[  988.483737][    C0]  _raw_spin_lock+0x2a/0x40
[  988.483777][    C0]  ? advance_sched+0x47/0x940
[  988.483794][    C0]  advance_sched+0x47/0x940
[  988.483813][    C0]  ? _raw_spin_unlock+0x40/0x40
[  988.483833][    C0]  __hrtimer_run_queues+0x53d/0xc40
[  988.483856][    C0]  ? taprio_free_sched_cb+0x190/0x190
[  988.483879][    C0]  ? hrtimer_interrupt+0x8d0/0x8d0
[  988.483898][    C0]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  988.483939][    C0]  hrtimer_interrupt+0x3bb/0x8d0
[  988.483968][    C0]  __sysvec_apic_timer_interrupt+0x137/0x4a0
[  988.484008][    C0]  sysvec_apic_timer_interrupt+0x9b/0xc0
[  988.484032][    C0]  </IRQ>
[  988.484037][    C0]  <TASK>
[  988.484042][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  988.484060][    C0] RIP: 0010:lock_release+0x584/0x870
[  988.484080][    C0] Code: 00 00 00 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 75 75 f7 44 24 50 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 04 2f 00 00 00 00 66 43 c7 44 2f 09 00 00 43 c6 44 2f 0b 00
[  988.484094][    C0] RSP: 0000:ffffc9000425fac0 EFLAGS: 00000206
[  988.484107][    C0] RAX: 0000000000000001 RBX: c422640388757846 RCX: dbad569255d2f100
[  988.484119][    C0] RDX: 0000000000000002 RSI: ffffffff8a0b2f00 RDI: ffffffff8a59e580
[  988.484131][    C0] RBP: ffffc9000425fbd0 R08: dffffc0000000000 R09: fffffbfff1ad33a6
[  988.484145][    C0] R10: fffffbfff1ad33a6 R11: 1ffffffff1ad33a5 R12: ffff88805c022900
[  988.484158][    C0] R13: dffffc0000000000 R14: ffff88805c0228a0 R15: 1ffff9200084bf64
[  988.484181][    C0]  ? rcu_lock_release+0x5/0x20
[  988.484199][    C0]  ? __lock_acquire+0x7c60/0x7c60
[  988.484218][    C0]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  988.484242][    C0]  batadv_nc_worker+0x25b/0x5c0
[  988.484261][    C0]  process_one_work+0x863/0x1000
[  988.484306][    C0]  ? worker_detach_from_pool+0x240/0x240
[  988.484323][    C0]  ? lockdep_hardirqs_off+0x70/0x100
[  988.484343][    C0]  ? _raw_spin_lock_irq+0xab/0xe0
[  988.484358][    C0]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  988.484375][    C0]  ? wq_worker_running+0x97/0x170
[  988.484397][    C0]  worker_thread+0xaa8/0x12a0
[  988.484428][    C0]  kthread+0x436/0x520
[  988.484468][    C0]  ? rcu_lock_release+0x20/0x20
[  988.484484][    C0]  ? kthread_blkcg+0xd0/0xd0
[  988.484499][    C0]  ret_from_fork+0x1f/0x30
[  988.484547][    C0]  </TASK>
[  988.485023][    C1] task:syz.2.11315     state:R  running task     stack:23360 pid:30350 ppid:  4190 flags:0x00004002
[  988.909578][    C1] Call Trace:
[  988.912874][    C1]  <TASK>
[  988.915827][    C1]  __schedule+0x11bb/0x4390
[  988.920442][    C1]  ? mark_lock+0x94/0x320
[  988.924798][    C1]  ? mark_lock+0x94/0x320
[  988.929238][    C1]  ? __lock_acquire+0x12d9/0x7c60
[  988.934289][    C1]  ? release_firmware_map_entry+0x190/0x190
[  988.940296][    C1]  ? preempt_schedule_irq+0xa6/0x150
[  988.945603][    C1]  preempt_schedule_irq+0xb1/0x150
[  988.950744][    C1]  ? __cond_resched+0xb0/0xb0
[  988.955451][    C1]  ? rcu_irq_exit_check_preempt+0xdb/0x200
[  988.961339][    C1]  irqentry_exit+0x63/0x70
[  988.965864][    C1]  asm_sysvec_reschedule_ipi+0x16/0x20
[  988.971352][    C1] RIP: 0010:lock_acquire+0x1f2/0x3f0
[  988.976666][    C1] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f6 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 44 3d 00 00 00 00 00 66 43 c7 44 3d 09 00 00 43 c6 44 3d 0b
[  988.996294][    C1] RSP: 0018:ffffc900030cf120 EFLAGS: 00000206
[  989.002380][    C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 806b0c9cc783f700
[  989.010372][    C1] RDX: 0000000000000000 RSI: ffffffff8a0b2f00 RDI: ffffffff8a59e580
[  989.018364][    C1] RBP: ffffc900030cf238 R08: dffffc0000000000 R09: fffffbfff1ff7c19
[  989.026542][    C1] R10: fffffbfff1ff7c19 R11: 1ffffffff1ff7c18 R12: ffffffff8c11c760
[  989.034551][    C1] R13: 1ffff92000619e30 R14: 0000000000000246 R15: dffffc0000000000
[  989.042588][    C1]  ? read_lock_is_recursive+0x10/0x10
[  989.048004][    C1]  ? _raw_spin_lock_irqsave+0x7f/0xf0
[  989.053412][    C1]  rcu_lock_acquire+0x20/0x30
[  989.058181][    C1]  ? __page_memcg+0x140/0x140
[  989.062873][    C1]  percpu_ref_put+0x16/0x150
[  989.067484][    C1]  __mem_cgroup_uncharge_list+0x6c/0xc0
[  989.073052][    C1]  release_pages+0x1843/0x1bb0
[  989.077922][    C1]  ? lru_cache_disable+0x30/0x30
[  989.082884][    C1]  ? page_cache_free_page+0x20d/0x4e0
[  989.088313][    C1]  __pagevec_release+0x6d/0xe0
[  989.093104][    C1]  shmem_undo_range+0x5cb/0x1880
[  989.098113][    C1]  ? __lock_acquire+0x13ad/0x7c60
[  989.103169][    C1]  ? shmem_truncate_range+0xa0/0xa0
[  989.108430][    C1]  ? do_raw_spin_lock+0x11d/0x280
[  989.113486][    C1]  ? __rwlock_init+0x140/0x140
[  989.118315][    C1]  shmem_evict_inode+0x20d/0xa00
[  989.123283][    C1]  ? _raw_spin_unlock+0x24/0x40
[  989.128156][    C1]  ? inode_wait_for_writeback+0x1b0/0x200
[  989.134001][    C1]  ? shmem_free_in_core_inode+0xb0/0xb0
[  989.139565][    C1]  ? do_raw_spin_lock+0x11d/0x280
[  989.144611][    C1]  ? bit_waitqueue+0x30/0x30
[  989.149225][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[  989.154444][    C1]  ? shmem_free_in_core_inode+0xb0/0xb0
[  989.160014][    C1]  evict+0x485/0x870
[  989.163992][    C1]  ? __lock_acquire+0x7c60/0x7c60
[  989.169049][    C1]  ? proc_nr_inodes+0x320/0x320
[  989.173917][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[  989.179139][    C1]  ? _raw_spin_unlock+0x24/0x40
[  989.184006][    C1]  ? iput+0x706/0x8a0
[  989.188013][    C1]  __dentry_kill+0x431/0x650
[  989.192630][    C1]  dentry_kill+0xb8/0x290
[  989.196983][    C1]  dput+0xd8/0x1a0
[  989.200724][    C1]  __fput+0x5ee/0x930
[  989.204791][    C1]  task_work_run+0x125/0x1a0
[  989.209405][    C1]  do_exit+0x61e/0x20a0
[  989.213663][    C1]  ? put_task_struct+0x80/0x80
[  989.218458][    C1]  ? lock_chain_count+0x20/0x20
[  989.223340][    C1]  do_group_exit+0x12e/0x300
[  989.228172][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  989.233420][    C1]  get_signal+0x6ca/0x12c0
[  989.238057][    C1]  arch_do_signal_or_restart+0xc1/0x1300
[  989.243794][    C1]  ? force_sig_fault_to_task+0x110/0x110
[  989.249461][    C1]  ? get_sigframe_size+0x10/0x10
[  989.254428][    C1]  ? __bad_area_nosemaphore+0x3f4/0x5a0
[  989.260059][    C1]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  989.266078][    C1]  ? exit_to_user_mode_loop+0x3b/0x130
[  989.271568][    C1]  exit_to_user_mode_loop+0x9e/0x130
[  989.276877][    C1]  exit_to_user_mode_prepare+0xee/0x180
[  989.282447][    C1]  irqentry_exit_to_user_mode+0x5/0x30
[  989.287924][    C1]  exc_page_fault+0x88/0x100
[  989.292547][    C1]  asm_exc_page_fault+0x22/0x30
[  989.297436][    C1] RIP: 0033:0x7f2680f1c6d1
[  989.301875][    C1] RSP: 002b:0000000000000040 EFLAGS: 00010217
[  989.308063][    C1] RAX: 0000000000000000 RBX: 00007f2681172fa0 RCX: 00007f2680f1c6c9
[  989.316068][    C1] RDX: 0000000000000000 RSI: 0000000000000040 RDI: 0000000081248080
[  989.324068][    C1] RBP: 00007f2680f9ef91 R08: 0000000000000000 R09: 0000000000000000
[  989.332150][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  989.340135][    C1] R13: 00007f2681173038 R14: 00007f2681172fa0 R15: 00007fff822df9b8
[  989.348145][    C1]  </TASK>
[  989.351182][    C1] rcu: rcu_preempt kthread starved for 10465 jiffies! g121121 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  989.362808][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  989.372796][    C1] rcu: RCU grace-period kthread stack dump:
[  989.378784][    C1] task:rcu_preempt     state:R  running task     stack:26688 pid:   15 ppid:     2 flags:0x00004000
[  989.389591][    C1] Call Trace:
[  989.392890][    C1]  <TASK>
[  989.395838][    C1]  __schedule+0x11bb/0x4390
[  989.400632][    C1]  ? _raw_spin_lock_irqsave+0x7f/0xf0
[  989.406029][    C1]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  989.411939][    C1]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  989.417850][    C1]  ? _raw_spin_unlock+0x40/0x40
[  989.422723][    C1]  ? rcu_is_watching+0x11/0xa0
[  989.427501][    C1]  ? release_firmware_map_entry+0x190/0x190
[  989.433528][    C1]  schedule+0x11b/0x1e0
[  989.437710][    C1]  schedule_timeout+0x15c/0x280
[  989.442580][    C1]  ? console_conditional_schedule+0x40/0x40
[  989.448495][    C1]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  989.454403][    C1]  ? update_process_times+0x200/0x200
[  989.459800][    C1]  ? prepare_to_swait_event+0x331/0x350
[  989.465375][    C1]  rcu_gp_fqs_loop+0x29e/0x11b0
[  989.470255][    C1]  ? dyntick_save_progress_counter+0x230/0x230
[  989.476522][    C1]  ? rcu_gp_init+0x10e0/0x10e0
[  989.481316][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[  989.486530][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  989.491749][    C1]  rcu_gp_kthread+0x98/0x350
[  989.496365][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  989.501499][    C1]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  989.507417][    C1]  ? __kthread_parkme+0x157/0x1b0
[  989.512471][    C1]  kthread+0x436/0x520
[  989.516563][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  989.521784][    C1]  ? kthread_blkcg+0xd0/0xd0
[  989.526521][    C1]  ret_from_fork+0x1f/0x30
[  989.530971][    C1]  </TASK>
[  989.534003][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  989.540336][    C1] NMI backtrace for cpu 1
[  989.544683][    C1] CPU: 1 PID: 30446 Comm: syz.1.11339 Not tainted syzkaller #0
[  989.552421][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  989.562771][    C1] Call Trace:
[  989.566065][    C1]  <IRQ>
[  989.568924][    C1]  dump_stack_lvl+0x168/0x230
[  989.573676][    C1]  ? show_regs_print_info+0x20/0x20
[  989.578893][    C1]  ? load_image+0x3b0/0x3b0
[  989.583419][    C1]  ? irq_work_queue+0xbf/0x140
[  989.588275][    C1]  nmi_cpu_backtrace+0x397/0x3d0
[  989.593425][    C1]  ? nmi_trigger_cpumask_backtrace+0x280/0x280
[  989.599613][    C1]  ? _printk+0xcc/0x110
[  989.603931][    C1]  ? cpu_online+0x1d/0x30
[  989.608303][    C1]  ? load_image+0x3b0/0x3b0
[  989.612843][    C1]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  989.618941][    C1]  nmi_trigger_cpumask_backtrace+0x163/0x280
[  989.624965][    C1]  rcu_check_gp_kthread_starvation+0x1cd/0x250
[  989.631301][    C1]  print_other_cpu_stall+0x10c8/0x1220
[  989.636812][    C1]  ? print_cpu_stall+0x5f0/0x5f0
[  989.641778][    C1]  ? timekeeping_advance+0x7f6/0xac0
[  989.647262][    C1]  rcu_sched_clock_irq+0x831/0x1110
[  989.652593][    C1]  ? rcutree_dead_cpu+0x20/0x20
[  989.657574][    C1]  ? account_process_tick+0x227/0x3a0
[  989.663065][    C1]  update_process_times+0x193/0x200
[  989.668292][    C1]  tick_sched_timer+0x37d/0x560
[  989.673218][    C1]  __hrtimer_run_queues+0x4fe/0xc40
[  989.678453][    C1]  ? tick_setup_sched_timer+0x2c0/0x2c0
[  989.684046][    C1]  ? hrtimer_interrupt+0x8d0/0x8d0
[  989.689292][    C1]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  989.695653][    C1]  hrtimer_interrupt+0x3bb/0x8d0
[  989.700671][    C1]  __sysvec_apic_timer_interrupt+0x137/0x4a0
[  989.706690][    C1]  sysvec_apic_timer_interrupt+0x9b/0xc0
[  989.712359][    C1]  </IRQ>
[  989.715319][    C1]  <TASK>
[  989.718279][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  989.724292][    C1] RIP: 0010:smp_call_function_many_cond+0xb88/0xd70
[  989.730913][    C1] Code: b6 44 05 00 84 c0 0f 85 9d 00 00 00 41 8b 1c 24 89 de 83 e6 01 31 ff e8 66 49 0b 00 83 e3 01 75 07 e8 fc 45 0b 00 eb 43 f3 90 <48> b8 00 00 00 00 00 fc ff df 41 0f b6 44 05 00 84 c0 75 11 41 f7
[  989.750718][    C1] RSP: 0018:ffffc90003bdf4e0 EFLAGS: 00000293
[  989.756818][    C1] RAX: ffffffff816c863b RBX: 0000000000000001 RCX: ffff88805b0a1dc0
[  989.764933][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  989.773107][    C1] RBP: ffffc90003bdf620 R08: dffffc0000000000 R09: ffffed101722767b
[  989.781106][    C1] R10: ffffed101722767b R11: 1ffff1101722767a R12: ffff8880b9042848
[  989.789199][    C1] R13: 1ffff11017208509 R14: ffff8880b913b3c0 R15: 0000000000000000
[  989.797320][    C1]  ? smp_call_function_many_cond+0xbab/0xd70
[  989.803476][    C1]  ? native_flush_tlb_multi+0xd0/0xd0
[  989.808884][    C1]  ? smp_call_function_many+0x30/0x30
[  989.814283][    C1]  ? pgtable_pmd_page_dtor+0x1cb/0x280
[  989.819858][    C1]  ? tlb_remove_page+0xe/0x20
[  989.824556][    C1]  ? ___pmd_free_tlb+0x90/0x90
[  989.829354][    C1]  ? rcu_is_watching+0x11/0xa0
[  989.834163][    C1]  ? native_flush_tlb_multi+0xd0/0xd0
[  989.839580][    C1]  on_each_cpu_cond_mask+0x3b/0x80
[  989.844855][    C1]  flush_tlb_mm_range+0x360/0x560
[  989.849924][    C1]  ? flush_tlb_multi+0x50/0x50
[  989.854745][    C1]  tlb_flush_mmu_tlbonly+0x1b1/0x3f0
[  989.860162][    C1]  tlb_finish_mmu+0xc5/0x2e0
[  989.864797][    C1]  exit_mmap+0x3a6/0x5f0
[  989.869083][    C1]  ? vm_brk+0x20/0x20
[  989.873112][    C1]  ? uprobe_clear_state+0x2f6/0x460
[  989.878328][    C1]  ? mm_update_next_owner+0x522/0x640
[  989.883851][    C1]  __mmput+0x115/0x3b0
[  989.887953][    C1]  exit_mm+0x567/0x6c0
[  989.892062][    C1]  ? xacct_add_tsk+0x4b0/0x4b0
[  989.897021][    C1]  ? do_exit+0x20a0/0x20a0
[  989.901474][    C1]  ? taskstats_exit+0x439/0xab0
[  989.906354][    C1]  ? tty_audit_exit+0x14e/0x1f0
[  989.911300][    C1]  do_exit+0x5a1/0x20a0
[  989.915488][    C1]  ? put_task_struct+0x80/0x80
[  989.920273][    C1]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  989.926279][    C1]  ? lock_chain_count+0x20/0x20
[  989.931147][    C1]  ? _raw_spin_lock_irq+0xab/0xe0
[  989.936192][    C1]  do_group_exit+0x12e/0x300
[  989.940801][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  989.946027][    C1]  get_signal+0x6ca/0x12c0
[  989.950484][    C1]  arch_do_signal_or_restart+0xc1/0x1300
[  989.956148][    C1]  ? kick_process+0xd4/0x140
[  989.960765][    C1]  ? get_sigframe_size+0x10/0x10
[  989.965732][    C1]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  989.971736][    C1]  ? exit_to_user_mode_loop+0x3b/0x130
[  989.977222][    C1]  exit_to_user_mode_loop+0x9e/0x130
[  989.982527][    C1]  exit_to_user_mode_prepare+0xee/0x180
[  989.988095][    C1]  syscall_exit_to_user_mode+0x16/0x40
[  989.993570][    C1]  do_syscall_64+0x58/0xa0
[  989.997999][    C1]  ? clear_bhb_loop+0x30/0x80
[  990.002696][    C1]  ? clear_bhb_loop+0x30/0x80
[  990.007399][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  990.013305][    C1] RIP: 0033:0x7f27994c76c9
[  990.017733][    C1] Code: Unable to access opcode bytes at RIP 0x7f27994c769f.
[  990.025111][    C1] RSP: 002b:00007f279772e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  990.033537][    C1] RAX: 000000000000003c RBX: 00007f279971dfa0 RCX: 00007f27994c76c9
[  990.041522][    C1] RDX: 0000000000000030 RSI: 0000200000000100 RDI: 0000000000000005
[  990.049513][    C1] RBP: 00007f2799549f91 R08: 0000000000000000 R09: 0000000000000000
[  990.057503][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  990.065604][    C1] R13: 00007f279971e038 R14: 00007f279971dfa0 R15: 00007ffcb0d75d58
[  990.073623][    C1]  </TASK>