last executing test programs:

9m9.83245465s ago: executing program 3 (id=228):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x22003, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000101"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000002000000000000000700000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70300000000000085"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket(0x10, 0x803, 0x0)
socket$unix(0x1, 0x2, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x8100, 0x0, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0x8000)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002400)=@newtfilter={0x9d0, 0x2c, 0xd2b, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf}, {}, {0xffff, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x9a4, 0x2, [@TCA_U32_SEL={0x134, 0x5, {0xf, 0x4, 0xb8, 0x1, 0x4, 0x100, 0x4, 0x8, [{0xc, 0xe9, 0x1, 0x7}, {0x6c8, 0x40, 0x1, 0xa2}, {0x2, 0x4, 0x4}, {0x98, 0x1, 0x1, 0x4}, {0x7ff, 0x4, 0x5683, 0x2}, {0x8, 0x7, 0x6, 0x40}, {0x6, 0x1, 0x7fffffff, 0x8}, {0x3ca, 0x7, 0xb470, 0x72c}, {0x1, 0xa, 0x6, 0xfffffffa}, {0x0, 0x694, 0x8000, 0x2}, {0x33, 0x8, 0xfffffffc, 0x3ff}, {0x9, 0xa619, 0xfffff801, 0x6}, {0x2, 0x8bd9, 0x2409, 0x8}, {0x6066, 0xfffffffe, 0x1ff, 0xea}, {0xfffffff7, 0x55, 0x4}, {0x3, 0x2, 0xfff, 0xa}, {0xb06, 0x4, 0x9, 0x5b58000}, {0x2, 0x4, 0x7, 0xea}]}}, @TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0x0, 0x20008000, 0x4, 0x1}]}}, @TCA_U32_POLICE={0x848, 0x6, [@TCA_POLICE_RATE={0x404, 0x2, [0x1c79, 0x3, 0x2, 0x5, 0xff, 0x8, 0x1, 0x1, 0x2d0, 0x2, 0x1, 0xb, 0x6, 0x0, 0x2, 0x2, 0x9, 0x7, 0x0, 0xffffffff, 0x6, 0x1, 0x5, 0xc4, 0xa117, 0x8, 0xab, 0xfffffffa, 0x1, 0x0, 0x4, 0x1fc0000, 0x4, 0x200, 0x80, 0x1, 0x1, 0x0, 0x4, 0x2000007, 0x2, 0x1, 0x610, 0x100, 0xb, 0xfb, 0x4, 0xa29, 0x7f, 0x82, 0x200, 0x48, 0x2, 0x1, 0x2, 0x101, 0x10005, 0xdd, 0x5, 0x8, 0x431d3ae0, 0xc03, 0x9, 0xfffffffa, 0x9349, 0x1, 0x100, 0x7ff, 0x1, 0x1, 0x8, 0x401, 0x3, 0x6, 0x5, 0x6, 0x19e, 0x2, 0x6, 0xf, 0xc00000, 0xe, 0x7, 0x3326ea0a, 0x8007, 0x80000001, 0x25, 0x1, 0x8, 0x8001, 0x9, 0x6, 0x54773818, 0x8, 0x8001, 0x6, 0x7f, 0x373, 0x4, 0x4, 0x80, 0xc000000, 0x7ff, 0x6138, 0x49e, 0x3ff, 0x8, 0x0, 0x3, 0x0, 0x2, 0x10000, 0x3, 0x2, 0x9, 0x3, 0x7fffffff, 0x101, 0x3, 0xc42, 0x4, 0x7, 0x401, 0x5, 0x0, 0x4, 0x80000001, 0x8000, 0x5, 0x2fb, 0x5907, 0x8, 0x81, 0x7, 0x4, 0xfffffffc, 0xffff0001, 0x2, 0xffff, 0x8, 0x2396, 0x8000, 0xfffffffc, 0x5, 0x1, 0xfff, 0x91e0000, 0x4, 0x3, 0xfae, 0x40, 0x900, 0x6, 0x0, 0x2, 0x6, 0x6, 0xdc, 0x9, 0x800, 0xfffffff7, 0x4, 0x2, 0x30, 0xff, 0x3, 0x80, 0x6, 0x7, 0x9, 0x4, 0x0, 0x5, 0x4342, 0xfa52, 0x4, 0x7fff, 0x7, 0x381, 0xfffffff2, 0xfffffff6, 0x100, 0x8, 0xf73, 0x400, 0x0, 0x5, 0xe, 0x0, 0x3, 0xfffffc01, 0x2, 0xe, 0x4, 0xfffffff9, 0xf5f, 0x2, 0x0, 0x6, 0x1, 0x9, 0x80, 0x2, 0x0, 0x0, 0xfb, 0x3, 0x8, 0x8, 0x80000001, 0x5, 0x0, 0xb, 0x3159, 0x6, 0xfffffff7, 0xe4f7, 0x6, 0x4, 0xfffffffc, 0x8, 0x9, 0x1c15, 0xa098, 0x0, 0x0, 0x6, 0xb, 0x6, 0x2, 0x80000001, 0x9, 0xfffffed0, 0x2, 0x7, 0x56, 0x2, 0x4, 0x7, 0x2009, 0xb, 0x6, 0x4, 0x1, 0x3, 0x7, 0x9, 0x7, 0x3b42, 0x0, 0x1, 0x9, 0x1, 0x0, 0x3, 0x8]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x8, 0xffffffff, 0xffff0d7b, 0x6, 0x3, 0xc79, 0x74100000, 0x800, 0x7, 0xfffffffd, 0x76e8, 0x4, 0x0, 0x9, 0xb046, 0x7, 0x101, 0x8, 0x20000, 0x6, 0x4, 0xfffffffe, 0x0, 0x7f, 0x3, 0x7c68080b, 0x4, 0x9, 0x3, 0x80000001, 0x0, 0xa, 0x7, 0x2, 0x4, 0x62f1, 0x2, 0x995, 0x1, 0xf, 0xb, 0x7f, 0x9, 0x7, 0x4, 0x6, 0xc39, 0x6, 0x7, 0x2, 0x5, 0x4b0f, 0x3ff, 0x3, 0x93, 0x5, 0x2, 0x0, 0x6, 0x0, 0x0, 0x7, 0x0, 0xffff, 0x9, 0xffffffff, 0x4, 0x9, 0xa2c, 0xda0b, 0x7, 0x40, 0x9, 0xefa8, 0x1, 0xe6, 0x0, 0xe, 0x2, 0x4, 0x6, 0xfffffff9, 0x4, 0x8, 0x4, 0x0, 0xea, 0xbed1, 0x10001, 0x8, 0x7fff, 0x3, 0x8, 0x0, 0x9, 0x5dac, 0xdb, 0x1, 0x8, 0x9, 0x2, 0x2000, 0xfc000000, 0xfffffff9, 0x3, 0x4, 0x0, 0x0, 0x4, 0x437, 0xfffffff9, 0x5, 0x3, 0xe2000, 0x6, 0x8001, 0xa, 0x6, 0x5, 0x0, 0xef83, 0x8, 0x4, 0x3ff, 0x0, 0x5, 0x10000, 0xf6, 0x7, 0x3, 0x3ff, 0x5, 0xaf7e, 0x5, 0x7ff, 0x2, 0x3, 0x8, 0x525, 0x9, 0x0, 0x3, 0x401, 0x9, 0x6, 0x8, 0x1, 0x8, 0x7, 0xfffffffb, 0x7, 0x81000001, 0xfffffffd, 0x4, 0x8fb3, 0x7fffffff, 0xfffffff9, 0x800, 0x2, 0x7fff, 0x5, 0x7, 0xfffffffc, 0x4, 0x3, 0x82, 0xff, 0x6, 0x3, 0x46, 0x1, 0x958, 0x3, 0x80000001, 0x7, 0x9, 0x5, 0xfffffffa, 0x0, 0x5, 0x4d4, 0x9, 0x8, 0x75968514, 0x0, 0x46cc, 0x8, 0x6, 0x40, 0x9, 0x8, 0x4, 0x7054, 0x3, 0x3, 0x1, 0x70, 0xa, 0x9, 0x9, 0x400, 0x40003dc1, 0x0, 0xe6a2, 0x8, 0x6, 0x8, 0x6, 0x80000001, 0xff, 0x2, 0x6, 0x80000000, 0x0, 0xd42700, 0x8001, 0xb, 0x8000, 0x9, 0x4, 0x6302, 0x1eeacb39, 0xe, 0x4, 0x5, 0xd9a, 0x9, 0x0, 0x8, 0x3, 0x2, 0x0, 0x100, 0x3ff, 0x5, 0x3ff, 0x40, 0x7ffffffe, 0xff, 0x5, 0x6, 0x1000, 0x37, 0x81, 0x7fffffff, 0x9, 0x5ca, 0x5, 0x5d6a, 0x2, 0x3, 0x6, 0x81, 0x10000]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x1, 0x7f, 0x4, 0x9, {0x3, 0x1, 0x4, 0x17f, 0x0, 0x1ff}, {0x6, 0x2, 0xff, 0x7, 0x5, 0xffffffff}, 0x9, 0xe90, 0x6db5cd0}}]}]}}]}, 0x9d0}, 0x1, 0x0, 0x0, 0x1}, 0x2404c084)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000f0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r7, 0x2000012, 0xd, 0x0, &(0x7f0000000c40)="63eced8e46b70300b2dc0002df", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

9m7.62335565s ago: executing program 3 (id=231):
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
socket$packet(0x11, 0x2, 0x300)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_int(r3, 0x0, 0x1a, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_RELOAD_REGDB(r4, &(0x7f00000006c0)={0x0, 0x500, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r5, 0x421, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0xc35d4f6d52288271}, 0x200048c4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r6, 0x0, 0x0, 0x22004001, 0x0, 0x0)
splice(r6, 0x0, 0xffffffffffffffff, 0x0, 0x406f413, 0x0)
syz_emit_ethernet(0x33, 0x0, 0x0)
clock_adjtime(0xffffffd3, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r7 = syz_open_dev$vcsu(&(0x7f0000000000), 0x6, 0x18800)
mmap$binder(&(0x7f00005b3000/0x2000)=nil, 0x2000, 0x1, 0x11, r7, 0x1)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

9m5.763358489s ago: executing program 3 (id=235):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x10, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="bc000000000000007910480000000000630a04ff000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0x3e0, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x76}, 0x21)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)

9m5.264685099s ago: executing program 3 (id=237):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000400)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x10a78c0, 0x0)
chdir(&(0x7f0000000140)='./file0/file0\x00')
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000500)={[{@debug}, {@stripe={'stripe', 0x3d, 0x61}}, {@grpid}, {@test_dummy_encryption_v1}, {@nodiscard}, {@data_err_ignore}, {@acl}, {@journal_ioprio}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7}}]}, 0x1, 0xbb4, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC+I0raTYIthKxY0LQbdCQzopIdMPkkhNmsVE/wFR14IbQS1KF3bdjYJbN1q3FhdCkdgoiGjkzEeSJjNJ2k5yYvL7wZvzvvOcOe/z5DBzzgszE8CeNZD9SSMORcT5JKJQfzyNiO5qrzeiUttvYX525Jf52ZEkFhdf/jGJJCLuz8+ONI6V1LcH6oPeiPjquST+8ebaeSenZ8aHy+XSRH18bOrS1WOT0zNPjl0avli6WLp8/OTTQyeGTg6eGmpbrb9+d+bWz/994fvKbx/9fuOndz5I4kz01WMr66hX/dgGYmDpf7JSZ0QMt+H4O0FHvZ6VdSadGzwp3eKkAABoKV1xD/evKERHLN+8FeLzr3NNDgAAAGiLxY6IRQAAAGCXS6z/AQAAYJdrfA7g/vzsSKPl+4mE7XXvbET01+pfqLdapDMq1W1vdEXE/vtJrPxaa1J72mMbiIi73576NGvR5HvIW60yFxH/bnb+k2r9/fVvQq+uP42IwTbMP7Bq/Feq/0wb5s+7fgD2pttnaxeytde/dOn+J5pc/zqbXLseRd7Xv8b938Ka+7/l+jta3P+9tMk5rn/43rVWsaz+Z249/0mjZfNn28cq6iHcm4v4T2ez+pOl+pMW9Z/f5ByFP66VWsXyrn/x/Ygj0bz+hmT93yc6NjpWLg3W/jadY+7LoY9bzZ93/dn539+i/o3O/9UHjtT6R31ePXfuZqvYxvWnP3Qnr1R73fVHXh+empo4HtGdvLj28RPr19vYp3GMrP6j/1v/9d+s/uw9oVL/P2SVz9W32fiNVXM+e+P6Z+vVn6398jz/Fx7x/L+1yTn+/8XbR1vFVq5/s5bNfzeprYUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCGNiL5I0mJEJNV+mhaLEQci4p+xPy1fmZx6YvTKa5cvZLGI/uhKR8fKpcGIKNTGSTY+Xu0vj0+sGj8VEQcj4t3Cvuq4OHKlfCHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhyICL6IkmLEZFGxEIhTYvFvLMCAAAA2q4/7wQAAACALWf9DwAAALuf9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb7ODh23eSiKic3ldtme56rCvXzICtluadAJCbjrwTAHLTmXcCQG4eco3vdgF2oWSDeG/LSE/bcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg5zpy6PadJCIqp/dVW6a7Hutq+ozD25gdsJXSvBMActOxXrBz+/IAtp+XOOxdzdf4wF6SbBDvXd6n8mCkZ8tyAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDn6au2JC1GRFrtp2mxGPG3iOiPrmR0rFwajIi/R8Q3ha6ebNyTd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC03eT0zPhwuVya0NHRybeT7Iw0ap2835kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjD5PTM+HC5XJqYzDsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIG+T0zPjw+VyaWITnZsPs/OKTt41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQnz8DAAD//9b4DfQ=")

9m4.482468935s ago: executing program 3 (id=241):
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='ns\x00')
getdents(r0, 0x0, 0x0)

9m1.804715003s ago: executing program 3 (id=247):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
pipe(&(0x7f0000000040))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x803, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xec)
socket$inet6(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
getpid()
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000380)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0x1fd}, {0x2, [{@any, 0x9, 0x1, "cdaaf1", 0x3, 0x7, "8e60c15df36640acbce967e3e19d05dc5dd83ba298452e1b35c4a49ec78e56646874086553f36812819d35d5b6582eb675271ae90c090d172912fb7a10a55b9dff73f2a3e5424d2d4007e168ee80ba624185929136a7a9a4e818e91d439c8290c8d81c64a31cd3371b338be158a092d3c7aa8333083dc9581f700354ee4a14b7b5ae3ff2fb1f108b03fd189a72d141cb17c8a62ee457183a331cb1f91a43d32d1e3ad225bf38823cfe8bbb251381862fca291e50b580118c6dd0337fa73815b8ab6a9883299fea154fbb99d7ed794159fb7d59ad9193e1487e53e929784790e8fae420a0748f6da4856119e5c22d5a15"}, {@none, 0x9, 0x1, "934479", 0xe, 0x5, "a63b657443c6f8ed6b53826d51eac3616c07dfe09fe6efd8e74255f0081b4fac0747f5ce2531907337994eb30bab94b5b30e8b5d6c35569060dea2bd369c06877688358f5172452535cff4d3836726fa2094965f435c64ce98e4ff210722666285fee85395f91796a4716c9c735d52b9427c1d76d281be037f6461c931086aa052204f927578b23fde572778b3e92073d17bd9c549e3f4058af41520984cf2a186ec09e4f493b82fa9b08d94a564b2d43f5545f5fdf7367244d57047cae8fd2bc72f022a4e6b57ff599cc8624fa985026a84d0b743b2451c3702e9dd3f5348470ee2acdcb3c4d667f487d8646dbaecee"}]}}}, 0x200)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
syz_open_dev$MSR(&(0x7f0000000040), 0x7, 0x0)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000019100)='net/fib_trie\x00')
pread64(r5, &(0x7f0000000080)=""/102356, 0x18fd4, 0x1c)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="440000000102030000000000000000000a000008300001802c0001"], 0x44}, 0x1, 0x0, 0x0, 0x14840}, 0x10)

9m0.414782335s ago: executing program 32 (id=247):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
pipe(&(0x7f0000000040))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x803, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xec)
socket$inet6(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
getpid()
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000380)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0x1fd}, {0x2, [{@any, 0x9, 0x1, "cdaaf1", 0x3, 0x7, "8e60c15df36640acbce967e3e19d05dc5dd83ba298452e1b35c4a49ec78e56646874086553f36812819d35d5b6582eb675271ae90c090d172912fb7a10a55b9dff73f2a3e5424d2d4007e168ee80ba624185929136a7a9a4e818e91d439c8290c8d81c64a31cd3371b338be158a092d3c7aa8333083dc9581f700354ee4a14b7b5ae3ff2fb1f108b03fd189a72d141cb17c8a62ee457183a331cb1f91a43d32d1e3ad225bf38823cfe8bbb251381862fca291e50b580118c6dd0337fa73815b8ab6a9883299fea154fbb99d7ed794159fb7d59ad9193e1487e53e929784790e8fae420a0748f6da4856119e5c22d5a15"}, {@none, 0x9, 0x1, "934479", 0xe, 0x5, "a63b657443c6f8ed6b53826d51eac3616c07dfe09fe6efd8e74255f0081b4fac0747f5ce2531907337994eb30bab94b5b30e8b5d6c35569060dea2bd369c06877688358f5172452535cff4d3836726fa2094965f435c64ce98e4ff210722666285fee85395f91796a4716c9c735d52b9427c1d76d281be037f6461c931086aa052204f927578b23fde572778b3e92073d17bd9c549e3f4058af41520984cf2a186ec09e4f493b82fa9b08d94a564b2d43f5545f5fdf7367244d57047cae8fd2bc72f022a4e6b57ff599cc8624fa985026a84d0b743b2451c3702e9dd3f5348470ee2acdcb3c4d667f487d8646dbaecee"}]}}}, 0x200)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
syz_open_dev$MSR(&(0x7f0000000040), 0x7, 0x0)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000019100)='net/fib_trie\x00')
pread64(r5, &(0x7f0000000080)=""/102356, 0x18fd4, 0x1c)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="440000000102030000000000000000000a000008300001802c0001"], 0x44}, 0x1, 0x0, 0x0, 0x14840}, 0x10)

8m19.443065946s ago: executing program 1 (id=329):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0xe, &(0x7f00000011c0)=ANY=[@ANYBLOB="b702000000000080bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000008b000000b70000000000000095000000000000008e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8877a6db61d69f2ffcaa10350e11cb97ce8df1bc9a0c4eeceb9971e43405d621ffbc9b0d8ca56b50f0c010d631f6dbc8486bc5d5bf2ca8285056892db03cf1c62d57c08a90b189d190c341035de53a9a53608c10556e5734eb84049761451ce540c772e069f80cb201b2de17dfdb4b60939d5d6aed4062049b87e03e2cd18a77dda613e0c64497fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231a2d73148be4248cdc138408ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600daded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286ccca37db965d9dd366598f5ec993cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100bd5828954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e113e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6fc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3eeec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e01506471e897bced7798509e64df360d95f9a4099f86438ac2bbcbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2b93aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c590bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03444471c1dd660c87acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b90106248f81d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10ea52f1018527f4aa39cdafa3eff63de2a7f50d042667820f6f8", @ANYRES16=r0, @ANYRESOCT], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x94)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f000077e000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000300)=""/245, 0xf5, 0x1, &(0x7f00000000c0)=""/104, 0x68}, &(0x7f0000000180)=0x40)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000380000003800000003000000010000000000000100000000000000000000000000000001050000001000000000000000000000030000000001"], 0x0, 0x53}, 0x28)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x2, 0x6, 0x2, 0x0, 0x2, 0x0, 0x2}, 0x10}}, 0x0)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000a00)=ANY=[@ANYBLOB="02000000000000000400000000000000070000007f000000030000000000000002000001000000000000800000000000000000000000000000000003edffffffffffffff0000000000000004000000000000000500000000000000fdffffffffffffff00000000000000000000000000000000050600000000000000000000000000000900000000000000014d00000000000003000000000000000000000000000000000000000000000000100000000000000000000000000000daf2de168b456604d746510c52d3f56b1f297b910d585cbee0c24f9e1ed76e33ef8f05b63fc1048afa8228728f390f455f2baa4fddb29666e594d8ed55d000271b0e9c791d54970a168d2c8f17af18a571b520eb2e33b7d33f60e4016b4f95c5a884b449c7312bc4542c798c464395a686d8ba86787c990e2845e55ee6876395a8fa744ddbc1b670683b2e34846d926f6666492b06b0f396ee8c6888fb309206d2be493c718f970711761227a833ffa7b13cf9135c0bd5974f54a465e44ecd5bbe2b9b7f9c372844589917fe24c806e39fd36a9d73a0df0600"/416])
madvise(&(0x7f0000f0f000/0x2000)=nil, 0x2000, 0x15)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2000011, 0x28011, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="a29e000000000000000000000000000000000800", @ANYRES32=r4, @ANYBLOB], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r5, 0xffffffffffffffff, 0x16, 0x0, @void}, 0x10)

8m17.433515075s ago: executing program 1 (id=335):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000780)={0x0, 0x4, 0x0, [0x806f, 0x0, 0x2d5, 0x2, 0x6], [0x6, 0x7, 0x1, 0x9, 0x8d3, 0x0, 0x31d, 0x2, 0x0, 0x802, 0x9, 0x200000100, 0x3, 0xfffffffffffffff4, 0x4a, 0x1000000000005, 0x100, 0xd, 0xdd, 0x5, 0x1, 0x2a9, 0x3, 0xc39, 0x8, 0x8, 0x100000000, 0x2, 0xa51, 0x8, 0x401, 0x800000000000003, 0x40008, 0xfffffffffffffffa, 0x81, 0x100, 0x5, 0x931, 0x101, 0x3, 0x8001, 0x8000000000000000, 0x7, 0x1, 0x8, 0x8, 0x6aa, 0x102, 0x1, 0x83, 0x538a, 0x9, 0xfffffffffffffff7, 0x4, 0x0, 0x4, 0x5, 0x8, 0x80008000, 0x8000000000000000, 0x4, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x5bc, 0x1, 0x7fffffff, 0x4, 0x8000, 0xc9, 0x7, 0x6, 0x9, 0x82c, 0x8000, 0xe000000000000, 0xe4, 0x11, 0x0, 0x8, 0x22, 0xffffffffffffffff, 0x7, 0x1, 0xd7ed, 0x2000000009, 0x8, 0x0, 0x6, 0x6, 0x7, 0x100000002, 0x4, 0x4, 0x8, 0x7, 0x7, 0x9, 0x1, 0x16d, 0x6, 0x68d, 0xffffffffffff43b0, 0x8, 0x50000000000000, 0xe, 0x0, 0x0, 0x8000000000000000, 0x4, 0x7, 0x406, 0x3, 0x6, 0x5, 0x0, 0x3, 0x40, 0x7fffffff, 0x8, 0x3, 0x1]})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1c, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="dbaa00fea0"], 0x0, 0xb, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

8m16.925927064s ago: executing program 1 (id=339):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setpriority(0x1, 0x0, 0x7)

8m15.420229032s ago: executing program 1 (id=343):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
getrusage(0xffffffffffffffff, &(0x7f00000000c0))

8m14.264861301s ago: executing program 1 (id=346):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00')
read$FUSE(r5, &(0x7f0000003a00)={0x2020}, 0x2020)

8m12.008605003s ago: executing program 1 (id=350):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
sched_setaffinity(0x0, 0xc67e7be33bfcd098, &(0x7f0000000180)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x3)
ioctl$TIOCSSOFTCAR(r2, 0x80047437, &(0x7f0000000140)=0x10)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x140)
ppoll(&(0x7f0000000240)=[{r3, 0x1000}, {r3, 0x100}], 0x2, 0x0, 0x0, 0x0)
unshare(0x6020400)
r4 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
fallocate(r4, 0x1200, 0x0, 0x8800000)
setsockopt(r3, 0x95b, 0xfb2f, &(0x7f0000000180)="891c5308c285af5457a5f8d096708d530c3460876db46f299b1be557583808", 0x1f)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x3, &(0x7f0000000200)=[{0x15, 0x0, 0x1}, {0x1}, {0x6, 0x0, 0x0, 0x7ffffdbe}]})

7m56.467026665s ago: executing program 33 (id=350):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
sched_setaffinity(0x0, 0xc67e7be33bfcd098, &(0x7f0000000180)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x3)
ioctl$TIOCSSOFTCAR(r2, 0x80047437, &(0x7f0000000140)=0x10)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x140)
ppoll(&(0x7f0000000240)=[{r3, 0x1000}, {r3, 0x100}], 0x2, 0x0, 0x0, 0x0)
unshare(0x6020400)
r4 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
fallocate(r4, 0x1200, 0x0, 0x8800000)
setsockopt(r3, 0x95b, 0xfb2f, &(0x7f0000000180)="891c5308c285af5457a5f8d096708d530c3460876db46f299b1be557583808", 0x1f)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x3, &(0x7f0000000200)=[{0x15, 0x0, 0x1}, {0x1}, {0x6, 0x0, 0x0, 0x7ffffdbe}]})

4m19.884731762s ago: executing program 5 (id=966):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000004600)=""/102400, 0x19000)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
ptrace$getregset(0x4204, r0, 0x4, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x11, &(0x7f0000000080)=0x4, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{}, &(0x7f00000006c0), &(0x7f0000000700)}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x28)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
semctl$SEM_STAT(0x0, 0x4, 0x12, &(0x7f00000004c0)=""/4096)

4m17.972709484s ago: executing program 5 (id=977):
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0x14, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000480), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE_OLD(r4, 0x40044145, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f00000007c0)={0xa, 0x2, 0x0, @empty, 0x80000001}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @rand_addr, 0x8}, 0x1c)
r6 = dup(r5)
r7 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
write$eventfd(r6, &(0x7f0000000840)=0x3ecc, 0x8)
socket(0x10, 0x80003, 0x0)
close_range(r0, r6, 0x0)
ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448cc, &(0x7f0000000380))
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r4, 0xc2604110, &(0x7f0000000980)={0x5, [[0x9, 0x6c8, 0x3, 0xd7, 0xe5, 0x2, 0x4, 0xffffffff], [0xfffffffc, 0x1, 0x80, 0x1, 0x6, 0x8, 0x9, 0xffffff33], [0x67, 0x8cb4, 0x0, 0xc, 0x6a, 0x7, 0x3b, 0xffffffff]], '\x00', [{0x9, 0xffffff1d, 0x0, 0x1, 0x0, 0x1}, {0x10, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x9, 0x5, 0x0, 0x1, 0x1, 0x1}, {0x1, 0x7, 0x1, 0x0, 0x1}, {0x4c511534, 0x4, 0x0, 0x1, 0x0, 0x1}, {0x5, 0x5, 0x1}, {0x0, 0x1, 0x0, 0x0, 0x1, 0x1}, {0x1ff, 0x8, 0x0, 0x1, 0x0, 0x1}, {0xffffff00, 0x8, 0x0, 0x1, 0x1, 0x1}, {0xf0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {0x101, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x4, 0xfffffff8, 0x0, 0x1, 0x0, 0x1}], '\x00', 0x9})

4m16.432976524s ago: executing program 5 (id=983):
lgetxattr(0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
read$msr(0xffffffffffffffff, &(0x7f0000032680)=""/102400, 0x19000)
socket$inet6_tcp(0xa, 0x1, 0x0)
request_key(0x0, 0x0, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
accept4$packet(r1, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000800)=0x14, 0x80000)

4m15.472900641s ago: executing program 5 (id=990):
r0 = socket$inet(0x2, 0x3, 0x8)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', &(0x7f0000000000)={'tunl0\x00', 0x0, 0x20, 0x40, 0x1001000, 0x6, {{0x5, 0x4, 0x2, 0x6, 0x14, 0x67, 0x0, 0xf9, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0xfe, 0x0}}}}})

4m13.335969386s ago: executing program 5 (id=1001):
lgetxattr(0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
read$msr(0xffffffffffffffff, &(0x7f0000032680)=""/102400, 0x19000)
socket$inet6_tcp(0xa, 0x1, 0x0)
request_key(0x0, 0x0, 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
accept4$packet(r1, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000800)=0x14, 0x80000)

4m11.888632431s ago: executing program 5 (id=1009):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000000340)={r1, 0xffffffffffffffff, 0xff, 0x0, 0x0, 0x31, 0x9, 0x4008, 0x5e2, 0x100, 0x6, 0x7, 'syz0\x00'})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x22000, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x44, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000140)=ANY=[], 0x32600)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/sockstat\x00')
pread64(r6, &(0x7f0000000480)=""/14, 0xd, 0x8000)
prctl$PR_SET_TSC(0x1a, 0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x2000800, &(0x7f0000000000), 0xfc, 0x575, &(0x7f0000000700)="$eJzs3e9rJGcdAPDvbHbz4y6aqH1RhdbDFu6KXnLp2TaI9E4Q3xWU6usz5PZCuE32yG7aSyiSwz9AENGCb/SVbwT/AEHuTyhCwb4XK8qhVwWLaEfmR+6SdKfZpNldm3w+8GSenXlmvt9ndzM7O/MkE8CZdSEirkfEWEQ8FxEz5fxaWWKnKFm79x6+sZyVJNL01b8lkZTzsmZJWTLny9Umi8l+U8Wks7V9e6nVam6Us+e7a3fmO1vbl1fXllaaK831q1cXXlx8afGFxSsn0s+sXy9/888//dGvvvXy777y+h9v/PXSD7J8p8vlu/04acVz0siei0fqEbExiGAjMFb2599poaLZxJDTAgCgQnaM/9mI+FJ+/D8TY/nRXLXxPfVk4NkBAAAAJyG9Nh3/SSLSI2oceQ0AAABgVGr5GNikNleOBZiOWm1urhjD+0Scq7Xane6Xb7U3128WY2Vno1G7tdpqXsnH1E5ERCPJHi88OqNQPH4+b5uVZN8Y4J/MTOXL55bbrZujOOEBAAAAZ9D5A9///zlTfP8HAAAATpnZcnpuxHkAAAAAgzM76gQAAACAgTvG9//xQeQBAAAADMS3X3klK+nu/a9vvra1ebv92uWbzc7tubXN5bnl9saduZV2e6WVTkSsHba9Vrt956uxvnl3vtvsdOc7W9s31tqb690bq/tugQ0AAAAM0We+eP+dJCJ2vjaVl9i9tj9WsYK/FYBTo9ZnuzT78e5gcwGGq+pjHjj96h+92DBfOMUaxSQZdR7A6By2A5isavHWscI5rgAAgBG4+Pn776TJh6//1x+fGwBOqX6v/wOnT8X1/3Rm2IkAQ1d5/f+QgQHAJ1/DCEA48w6//l/hrXzR9cMjpOmh2wIAAAZqOi9Jba68FjgdtffTQsxGI7m12mpeiYhPR8QfZhoT2eOFfM3EHw0AAAAAAAAAAAAAAAAAAAAAAAAAQJ/SNIn0GOrHWgsAAAAYhYjaX5LyPsAXZ56dPnh+YDx5P78V8Adpmr7+81d/dnep291YyOb/PZ8/HhHdN7P546M4fQEAAADssXuX//z7+/ONEWcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGn13sM3lnfLMOM++EZEzPaKX4/JfDoZjYg4948k6nvWSyJi7ATi79yLiCd7xU+ytGK2zOJg/FpETOVZDDz+U2ma9ox//mNHh7Ptfrb/ud7r968WF/Jp79//elGufdz41fu/2qP939jB+PVi//epPmN84e3fzO95+L3H1Ylieb33/mc3flKx/32mV7D6h2d9/7vb21W5pb+MuNjz8yfZF2u+u3ZnvrO1fXl1bWmludJcv3p14cXFlxZfWLwyf2u11Sx/9ozx46d++0FV/AcXIs6V8cd3cyo/WGaLydeTR6mM78vp2azSqNryY/99++7DzxXVva3zrT64F3Hpmd6v/5P5tOfz/4t/pbn8cyBbfrH8TEh2inpE+faNiKd//funK/t/b7KsHf31v3R413PPfeeHf+qzKQAwBJ2t7dtLrVZzY+CVN9M07a9xdlTa/5aTiJ2Di7IDuBPuxVREVCzaH2uqfFaj3y0/UZnqu1MRQ3p1jlq5dpTG6cSR3mzJzv9BB89wZTx/Q456zwQAAJy0x0f/o84EAAAAAAAAAAAAAAAAAAAAzq5h/F+xgzF3RtNVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICP9L8AAAD//6zP1vE=")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x800, 0x0)
openat(r7, 0x0, 0x515401, 0x408)
prctl$PR_SET_TSC(0x1a, 0x2)

3m56.745767379s ago: executing program 34 (id=1009):
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000000340)={r1, 0xffffffffffffffff, 0xff, 0x0, 0x0, 0x31, 0x9, 0x4008, 0x5e2, 0x100, 0x6, 0x7, 'syz0\x00'})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x22000, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x44, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000140)=ANY=[], 0x32600)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='net/sockstat\x00')
pread64(r6, &(0x7f0000000480)=""/14, 0xd, 0x8000)
prctl$PR_SET_TSC(0x1a, 0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x2000800, &(0x7f0000000000), 0xfc, 0x575, &(0x7f0000000700)="$eJzs3e9rJGcdAPDvbHbz4y6aqH1RhdbDFu6KXnLp2TaI9E4Q3xWU6usz5PZCuE32yG7aSyiSwz9AENGCb/SVbwT/AEHuTyhCwb4XK8qhVwWLaEfmR+6SdKfZpNldm3w+8GSenXlmvt9ndzM7O/MkE8CZdSEirkfEWEQ8FxEz5fxaWWKnKFm79x6+sZyVJNL01b8lkZTzsmZJWTLny9Umi8l+U8Wks7V9e6nVam6Us+e7a3fmO1vbl1fXllaaK831q1cXXlx8afGFxSsn0s+sXy9/888//dGvvvXy777y+h9v/PXSD7J8p8vlu/04acVz0siei0fqEbExiGAjMFb2599poaLZxJDTAgCgQnaM/9mI+FJ+/D8TY/nRXLXxPfVk4NkBAAAAJyG9Nh3/SSLSI2oceQ0AAABgVGr5GNikNleOBZiOWm1urhjD+0Scq7Xane6Xb7U3128WY2Vno1G7tdpqXsnH1E5ERCPJHi88OqNQPH4+b5uVZN8Y4J/MTOXL55bbrZujOOEBAAAAZ9D5A9///zlTfP8HAAAATpnZcnpuxHkAAAAAgzM76gQAAACAgTvG9//xQeQBAAAADMS3X3klK+nu/a9vvra1ebv92uWbzc7tubXN5bnl9saduZV2e6WVTkSsHba9Vrt956uxvnl3vtvsdOc7W9s31tqb690bq/tugQ0AAAAM0We+eP+dJCJ2vjaVl9i9tj9WsYK/FYBTo9ZnuzT78e5gcwGGq+pjHjj96h+92DBfOMUaxSQZdR7A6By2A5isavHWscI5rgAAgBG4+Pn776TJh6//1x+fGwBOqX6v/wOnT8X1/3Rm2IkAQ1d5/f+QgQHAJ1/DCEA48w6//l/hrXzR9cMjpOmh2wIAAAZqOi9Jba68FjgdtffTQsxGI7m12mpeiYhPR8QfZhoT2eOFfM3EHw0AAAAAAAAAAAAAAAAAAAAAAAAAQJ/SNIn0GOrHWgsAAAAYhYjaX5LyPsAXZ56dPnh+YDx5P78V8Adpmr7+81d/dnep291YyOb/PZ8/HhHdN7P546M4fQEAAADssXuX//z7+/ONEWcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGn13sM3lnfLMOM++EZEzPaKX4/JfDoZjYg4948k6nvWSyJi7ATi79yLiCd7xU+ytGK2zOJg/FpETOVZDDz+U2ma9ox//mNHh7Ptfrb/ud7r968WF/Jp79//elGufdz41fu/2qP939jB+PVi//epPmN84e3fzO95+L3H1Ylieb33/mc3flKx/32mV7D6h2d9/7vb21W5pb+MuNjz8yfZF2u+u3ZnvrO1fXl1bWmludJcv3p14cXFlxZfWLwyf2u11Sx/9ozx46d++0FV/AcXIs6V8cd3cyo/WGaLydeTR6mM78vp2azSqNryY/99++7DzxXVva3zrT64F3Hpmd6v/5P5tOfz/4t/pbn8cyBbfrH8TEh2inpE+faNiKd//funK/t/b7KsHf31v3R413PPfeeHf+qzKQAwBJ2t7dtLrVZzY+CVN9M07a9xdlTa/5aTiJ2Di7IDuBPuxVREVCzaH2uqfFaj3y0/UZnqu1MRQ3p1jlq5dpTG6cSR3mzJzv9BB89wZTx/Q456zwQAAJy0x0f/o84EAAAAAAAAAAAAAAAAAAAAzq5h/F+xgzF3RtNVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICP9L8AAAD//6zP1vE=")
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x800, 0x0)
openat(r7, 0x0, 0x515401, 0x408)
prctl$PR_SET_TSC(0x1a, 0x2)

18.815252766s ago: executing program 4 (id=1951):
r0 = socket$inet6(0xa, 0x805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
pipe(&(0x7f0000000080))
getsockopt$bt_hci(r0, 0x84, 0x85, &(0x7f0000000080)=""/4076, 0x0)

17.7287851s ago: executing program 4 (id=1954):
syz_open_dev$sg(0x0, 0x0, 0x5)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000003c0)=0x2, 0x4)
sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4004800)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x8, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc9}, [@alu={0x4, 0x1, 0x5, 0x7, 0x6, 0x40}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x5}, @map_idx={0x18, 0x1, 0x5, 0x0, 0xc}]}, &(0x7f0000000080)='syzkaller\x00', 0xae, 0xb1, &(0x7f00000000c0)=""/177, 0x41000, 0x3a, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x9, 0x5}, 0x8, 0x10, &(0x7f00000001c0)={0x4, 0x8, 0x0, 0x891}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000200)=[0xffffffffffffffff], 0x0, 0x10, 0xfffffff9}, 0x94)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f00000005c0)={r1, 0x0, 0x2b, 0x0, &(0x7f0000000540)="3550bc7a623b9dc31e5710e9e1fe42a98cd52fcd85fb6a02c1d7af4ac3d24b76cab1841f0f37c0d4310ccc", 0x0, 0xb58, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xd4}, 0x50)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00'})
r3 = socket$igmp(0x2, 0x3, 0x2)
syz_emit_ethernet(0x3e, 0x0, 0x0)
getsockopt$MRT(r3, 0x0, 0xcf, 0x0, &(0x7f0000000380))
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000007c0)=ANY=[@ANYBLOB="5800000002060108000000bca3000000000000400500010006000000050005000200000005000400000000000900020073797a31000000000c000780080012400000000211000300686173683a69702c6d61726b"], 0x58}}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000000906010200000000000000000200ffff200007800c00018008000140a2fd4ebc08000a400000000205000300020000000900020073797a310000000005000100"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

9.168827922s ago: executing program 7 (id=1987):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2d, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
connect$qrtr(0xffffffffffffffff, &(0x7f0000000440)={0x2d, 0x0, 0x1}, 0xc)
r0 = socket(0x2d, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000440)={0x2d, 0x0, 0x1}, 0xc)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x15)
writev(r3, &(0x7f0000000280)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff0600000001ffa6004500", 0x1a}, {&(0x7f0000000580)="fa21bd2b5c40cc420740358ffc7f9f4b6e68fc8d1aa2597e7b484f301f11e3", 0x1f}], 0x2)
r4 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8, 0x1, r4}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r6, 0x800448f0, &(0x7f0000000180)={0x0, 0x0, "a4cd91", 0x9})
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="740000001000010400"/19, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c0002800800050001000000140007000000000000", @ANYRESDEC], 0x74}}, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x28}}, 0x48090)
execve(&(0x7f0000000740)='./file0\x00', 0x0, 0x0)

7.804938812s ago: executing program 0 (id=1993):
r0 = socket$kcm(0x29, 0x5, 0x0)
write$cgroup_pressure(r0, &(0x7f0000000140)={'full', 0x20, 0x40030000000000}, 0xfffffdef)

7.553278247s ago: executing program 2 (id=1994):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)={0x30, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)
syz_80211_inject_frame(&(0x7f0000000040)=@device_b, &(0x7f0000000280)=ANY=[@ANYBLOB="50000000080211000001ffffffffffff0802110000000000000000000000000064000100000602020202020201010b"], 0x48)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e)
syz_80211_inject_frame(&(0x7f00000004c0)=@device_b, &(0x7f0000000440)=ANY=[@ANYBLOB="10000000080211000001080211000000080211000000200004a000000c0001"], 0x3c)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r4)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"})
r5 = socket$kcm(0x10, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000400)={[{@user_xattr}, {@noblock_validity}, {}, {@resuid}]}, 0x1, 0x4b5, &(0x7f0000000580)="$eJzs3ctrXNUfAPDvzDRpkub360ORtoItVKgPmskDaaJuXKmLglhwo1BjMo01k0zITGoTukh114ULURTEhXv/Ajd2ZRHEte7FhVS0RnyAMDJ3ZtK8Jg01yZTczwdu59x7Z+Z7TofvyZn7mBNAap2s/ZOJ6I2IbyPiYH119RNO1h+Wbl8dqy2ZqFbP/5JJnldbbz61+boDEbEYEV0R8fLzEW9k1sctzy9MjhaLhdnGer4yNZMvzy+cuTQ1OlGYKEwPDJ8dGRnuHxoc2ba2Xn/vrevnvnix8/M/37118/2vvqxVq7exb2U7tlO96R1xeMW2fRHx7E4Ea4Ncoz3d7a4I96T2+T0QEaeS/D8YueTTBNKgWq1W/6nub7V7sQrsWdlkDJzJ9kVEvZzN9vXVx/APRk+2WCpXnrxYmpser4+VD0VH9uKlYqG/8V3hUHRkausDSfnO+uCa9aGIZAz8Qa47We8bKxXHd7erA9Y4sCb/f8/V8x9ICV/5Ib3kP6SX/If0kv+QXivzv/W5QGAv8vcf0kv+Q3rJf0gv+Q/pJf8hveQ/pNJL587Vlmrz/vfxy/Nzk6XLZ8YL5cm+qbmxvrHS7EzfRKk0kdyzM3W39yuWSjMDT8XclXylUK7ky/MLF6ZKc9OVC8l9/RcKHbvSKmArDp+48X0mIhaf7k6Wms7GPrkKe1u1mol234MMtEeu3R0Q0DZbH+Nf29F6ALvPd3xgg5/oXaWr1Y6ZTV/2x73WB9h52XZXAGib08ec/4O0cvwf0sulv5BexvjADh3/B+5jjv9DevW2mP/rfyvm7uqPiP9HxHe5jv3Nub6AvSD7U6Yx/j998NHetXs7M38lpwg6I+LtT85/dGW0UpkdqG3/dXl75ePG9sF21B/YqmaeNvMYAEivpdtXx5rLbsb9+bn6RQjr4+9rHJvsSs5R9ixlVl2rkNmmaxcWr0XE0Y3iZxrzndfPfPQs5dbFP9J4zNTfIqnvvmTe9N2Jf2xF/EdWxD/+n/9XIB1u1Pqf/o3yL5vkdCzn3+r+p3ebrp1o3f9ll/u/XIv+78QWY7z56Ts/tox/LeL4hvGb8bqSWGvj1+p2eovxb732ykOt9lU/q7/PRvGbaqV8ZWomX55fOJP8jtxEYXpg+OzIyHD/0OBIPjlGnW8eqV7vmaPf3Nys/T0t4m/W/tq2x+/a8vpcWn8//PWrJzeJ/9ipjT//I5vE746IJ+4av+63wR9eb7WvFn+8Rfuzm8SvbRvaYvzyhy+YVAwA7iPl+YXJ0WKxMKugoKCwXGh3zwTstDtJ3+6aAAAAAAAAAAAAAFu1G5cTt7uNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB7wb8BAAD//1yQ2OA=")
sendmsg$kcm(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000640)="2e00000010008188e6b62a83e759629f1ba1f848480000005e140602000000000e000a", 0x23}], 0x1}, 0x4000040)

7.206452437s ago: executing program 0 (id=1996):
io_uring_setup(0x664, &(0x7f0000000000)={0x0, 0x8dd3, 0x1, 0x42, 0x29d})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000840), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x32d014e, 0x180)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0cc5605, &(0x7f0000000100)={0x1, @pix={0x0, 0x0, 0x59455247}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
unshare(0x6a040000)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r3, 0x6, 0x15, &(0x7f0000000240)=0x52, 0x4)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
close_range(r4, 0xffffffffffffffff, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

7.120238983s ago: executing program 7 (id=1997):
r0 = landlock_create_ruleset(&(0x7f0000000080)={0x2812, 0x1}, 0x18, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x1, 0x32, 0x0, 0xffffd000)
landlock_restrict_self(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)

7.119224352s ago: executing program 4 (id=1999):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40041}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x2005}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x54}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)

5.216616254s ago: executing program 6 (id=2000):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x22003, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x30)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000800000000101"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000002000000000000000700000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket(0x10, 0x803, 0x0)
socket$unix(0x1, 0x2, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x8100, 0x0, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0x8000)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000002400)=@newtfilter={0x9c0, 0x2c, 0xd2b, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf}, {}, {0xffff, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x994, 0x2, [@TCA_U32_SEL={0x124, 0x5, {0xf, 0x4, 0xb8, 0x1, 0x4, 0x100, 0x4, 0x8, [{0xc, 0xe9, 0x1, 0x7}, {0x6c8, 0x40, 0x1, 0xa2}, {0x2, 0x4, 0x4}, {0x98, 0x1, 0x1, 0x4}, {0x7ff, 0x4, 0x5683, 0x2}, {0x8, 0x7, 0x6, 0x40}, {0x6, 0x1, 0x7fffffff, 0x8}, {0x3ca, 0x7, 0xb470, 0x72c}, {0x0, 0x694, 0x8000, 0x2}, {0x33, 0x8, 0xfffffffc, 0x3ff}, {0x9, 0xa619, 0xfffff801, 0x6}, {0x2, 0x8bd9, 0x2409, 0x8}, {0x6066, 0xfffffffe, 0x1ff, 0xea}, {0xfffffff7, 0x55, 0x4}, {0x3, 0x2, 0xfff, 0xa}, {0xb06, 0x4, 0x9, 0x5b58000}, {0x2, 0x4, 0x7, 0xea}]}}, @TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0x0, 0x20008000, 0x4, 0x1}]}}, @TCA_U32_POLICE={0x848, 0x6, [@TCA_POLICE_RATE={0x404, 0x2, [0x1c79, 0x3, 0x2, 0x5, 0xff, 0x8, 0x1, 0x1, 0x2d0, 0x2, 0x1, 0xb, 0x6, 0x0, 0x2, 0x2, 0x9, 0x7, 0x0, 0xffffffff, 0x6, 0x1, 0x5, 0xc4, 0xa117, 0x8, 0xab, 0xfffffffa, 0x1, 0x0, 0x4, 0x1fc0000, 0x4, 0x200, 0x80, 0x1, 0x1, 0x0, 0x4, 0x2000007, 0x2, 0x1, 0x610, 0x100, 0xb, 0xfb, 0x4, 0xa29, 0x7f, 0x82, 0x200, 0x48, 0x2, 0x1, 0x2, 0x101, 0x10005, 0xdd, 0x5, 0x8, 0x431d3ae0, 0xc03, 0x9, 0xfffffffa, 0x9349, 0x1, 0x100, 0x7ff, 0x1, 0x1, 0x8, 0x401, 0x3, 0x6, 0x5, 0x6, 0x19e, 0x2, 0x6, 0xf, 0xc00000, 0xe, 0x7, 0x3326ea0a, 0x8007, 0x80000001, 0x25, 0x1, 0x8, 0x8001, 0x9, 0x6, 0x54773818, 0x8, 0x8001, 0x6, 0x7f, 0x373, 0x4, 0x4, 0x80, 0xc000000, 0x7ff, 0x6138, 0x49e, 0x3ff, 0x8, 0x0, 0x3, 0x0, 0x2, 0x10000, 0x3, 0x2, 0x9, 0x3, 0x7fffffff, 0x101, 0x3, 0xc42, 0x4, 0x7, 0x401, 0x5, 0x0, 0x4, 0x80000001, 0x8000, 0x5, 0x2fb, 0x5907, 0x8, 0x81, 0x7, 0x4, 0xfffffffc, 0xffff0001, 0x2, 0xffff, 0x8, 0x2396, 0x8000, 0xfffffffc, 0x5, 0x1, 0xfff, 0x91e0000, 0x4, 0x3, 0xfae, 0x40, 0x900, 0x6, 0x0, 0x2, 0x6, 0x6, 0xdc, 0x9, 0x800, 0xfffffff7, 0x4, 0x2, 0x30, 0xff, 0x3, 0x80, 0x6, 0x7, 0x9, 0x4, 0x0, 0x5, 0x4342, 0xfa52, 0x4, 0x7fff, 0x7, 0x381, 0xfffffff2, 0xfffffff6, 0x100, 0x8, 0xf73, 0x400, 0x0, 0x5, 0xe, 0x0, 0x3, 0xfffffc01, 0x2, 0xe, 0x4, 0xfffffff9, 0xf5f, 0x2, 0x0, 0x6, 0x1, 0x9, 0x80, 0x2, 0x0, 0x0, 0xfb, 0x3, 0x8, 0x8, 0x80000001, 0x5, 0x0, 0xb, 0x3159, 0x6, 0xfffffff7, 0xe4f7, 0x6, 0x4, 0xfffffffc, 0x8, 0x9, 0x1c15, 0xa098, 0x0, 0x0, 0x6, 0xb, 0x6, 0x2, 0x80000001, 0x9, 0xfffffed0, 0x2, 0x7, 0x56, 0x2, 0x4, 0x7, 0x2009, 0xb, 0x6, 0x4, 0x1, 0x3, 0x7, 0x9, 0x7, 0x3b42, 0x0, 0x1, 0x9, 0x1, 0x0, 0x3, 0x8]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x8, 0xffffffff, 0xffff0d7b, 0x6, 0x3, 0xc79, 0x74100000, 0x800, 0x7, 0xfffffffd, 0x76e8, 0x4, 0x0, 0x9, 0xb046, 0x7, 0x101, 0x8, 0x20000, 0x6, 0x4, 0xfffffffe, 0x0, 0x7f, 0x3, 0x7c68080b, 0x4, 0x9, 0x3, 0x80000001, 0x0, 0xa, 0x7, 0x2, 0x4, 0x62f1, 0x2, 0x995, 0x1, 0xf, 0xb, 0x7f, 0x9, 0x7, 0x4, 0x6, 0xc39, 0x6, 0x7, 0x2, 0x5, 0x4b0f, 0x3ff, 0x3, 0x93, 0x5, 0x2, 0x0, 0x6, 0x0, 0x0, 0x7, 0x0, 0xffff, 0x9, 0xffffffff, 0x4, 0x9, 0xa2c, 0xda0b, 0x7, 0x40, 0x9, 0xefa8, 0x1, 0xe6, 0x0, 0xe, 0x2, 0x4, 0x6, 0xfffffff9, 0x4, 0x8, 0x4, 0x0, 0xea, 0xbed1, 0x10001, 0x8, 0x7fff, 0x3, 0x8, 0x0, 0x9, 0x5dac, 0xdb, 0x1, 0x8, 0x9, 0x2, 0x2000, 0xfc000000, 0xfffffff9, 0x3, 0x4, 0x0, 0x0, 0x4, 0x437, 0xfffffff9, 0x5, 0x3, 0xe2000, 0x6, 0x8001, 0xa, 0x6, 0x5, 0x0, 0xef83, 0x8, 0x4, 0x3ff, 0x0, 0x5, 0x10000, 0xf6, 0x7, 0x3, 0x3ff, 0x5, 0xaf7e, 0x5, 0x7ff, 0x2, 0x3, 0x8, 0x525, 0x9, 0x0, 0x3, 0x401, 0x9, 0x6, 0x8, 0x1, 0x8, 0x7, 0xfffffffb, 0x7, 0x81000001, 0xfffffffd, 0x4, 0x8fb3, 0x7fffffff, 0xfffffff9, 0x800, 0x2, 0x7fff, 0x5, 0x7, 0xfffffffc, 0x4, 0x3, 0x82, 0xff, 0x6, 0x3, 0x46, 0x1, 0x958, 0x3, 0x80000001, 0x7, 0x9, 0x5, 0xfffffffa, 0x0, 0x5, 0x4d4, 0x9, 0x8, 0x75968514, 0x0, 0x46cc, 0x8, 0x6, 0x40, 0x9, 0x8, 0x4, 0x7054, 0x3, 0x3, 0x1, 0x70, 0xa, 0x9, 0x9, 0x400, 0x40003dc1, 0x0, 0xe6a2, 0x8, 0x6, 0x8, 0x6, 0x80000001, 0xff, 0x2, 0x6, 0x80000000, 0x0, 0xd42700, 0x8001, 0xb, 0x8000, 0x9, 0x4, 0x6302, 0x1eeacb39, 0xe, 0x4, 0x5, 0xd9a, 0x9, 0x0, 0x8, 0x3, 0x2, 0x0, 0x100, 0x3ff, 0x5, 0x3ff, 0x40, 0x7ffffffe, 0xff, 0x5, 0x6, 0x1000, 0x37, 0x81, 0x7fffffff, 0x9, 0x5ca, 0x5, 0x5d6a, 0x2, 0x3, 0x6, 0x81, 0x10000]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x1, 0x7f, 0x4, 0x9, {0x3, 0x1, 0x4, 0x17f, 0x0, 0x1ff}, {0x6, 0x2, 0xff, 0x7, 0x5, 0xffffffff}, 0x9, 0xe90, 0x6db5cd0}}]}]}}]}, 0x9c0}, 0x1, 0x0, 0x0, 0x1}, 0x2404c084)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000f0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r7, 0x2000012, 0xd, 0x0, &(0x7f0000000c40)="63eced8e46b70300b2dc0002df", 0x0, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

5.216165534s ago: executing program 0 (id=2001):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x25, 0x0, @void}, 0x10)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e0b080510"], 0xe)

4.375519363s ago: executing program 7 (id=2002):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea018512babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7acbf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000005d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd353646000000000000000000002b0000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c30180000000000000c03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3e16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e2e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54ae54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db55474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1386f5800"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002a0, 0x35, 0x0, &(0x7f0000000500)="b9fa030711a5f32e019e14f088a847e0ffff00124000632177fbac141416e000030a94029f03030180b7060000000000000088a85d", 0x0, 0xfffffffc, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

4.369124844s ago: executing program 4 (id=2003):
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt(r0, 0xff, 0x7, &(0x7f0000000000)="fa794bfa", 0x4)
read$FUSE(0xffffffffffffffff, &(0x7f0000000bc0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
exit(0x1)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0/../file0\x00', &(0x7f0000000300)={0x2000, 0x0, 0x10}, 0x18)
write$FUSE_WRITE(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x0, r1, {0x800}}, 0x18)
r2 = io_uring_setup(0xf0c, &(0x7f000000c480)={0x0, 0xc46e, 0x400, 0x3, 0x3})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000080)=[{0x0}], 0x1)
r3 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000000)={r3})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = io_uring_setup(0x6f9e, &(0x7f0000000600)={0x0, 0x1e28, 0x0, 0x3, 0x28b})
io_uring_register$IORING_REGISTER_FILES(r5, 0x1e, &(0x7f0000000000)=[r2], 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x1e0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
rmdir(&(0x7f0000000100)='./file0/file1\x00')
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

4.25955217s ago: executing program 0 (id=2004):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1f, 0xf, &(0x7f0000000240)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc)

4.25934477s ago: executing program 2 (id=2005):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x4, 0x14, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000fcffffff1801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r1, 0x0, 0x10, 0x22, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x60fe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

4.069969221s ago: executing program 0 (id=2006):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r1=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000280)={&(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x800, 0x0, <r2=>0xffffffffffffffff})
ioctl$VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc04c5609, &(0x7f0000000380)=@fd={0x3, 0x9, 0x4, 0x0, 0x6, {}, {0x4, 0x0, 0x6, 0x6, 0x5, 0x5, "41f8387f"}, 0xc, 0x4, {}, 0x2, 0x0, r2})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'dummy0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0xef, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="814f0400000000002000128008000100687372001400028008000200", @ANYRES32=r3, @ANYBLOB="081b0100", @ANYRES32=r1, @ANYBLOB], 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x80c0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001140)='/proc/locks\x00', 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=@newlink={0x40, 0x10, 0x437, 0x0, 0x20, {0x0, 0x0, 0x0, 0x0, 0x4048b, 0x8000}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PROTO={0x5, 0x9, 0x89}, @IFLA_IPTUN_FLAGS={0x6, 0x8, 0x7}]}}}]}, 0x40}}, 0x0)
fcntl$lock(r5, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
r7 = fsopen(&(0x7f0000000140)='tmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
close(r8)
ioctl$VIDIOC_QUERYSTD(r8, 0x8008563f, &(0x7f0000000180))
fcntl$setlease(r4, 0x400, 0x0)
read(r4, &(0x7f00000002c0)=""/158, 0x9e)
r9 = signalfd(0xffffffffffffffff, &(0x7f0000000500)={[0x5]}, 0x8)
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
writev(r10, 0x0, 0x0)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r12 = ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
r13 = ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r12, 0x4020ae46, &(0x7f0000000140)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r13, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0x4b564d03, 0x0, 0x1}]})
ioctl$KVM_RUN(r13, 0xae80, 0x0)
name_to_handle_at(r9, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
setsockopt$MISDN_TIME_STAMP(r9, 0x0, 0x1, &(0x7f0000000080), 0x4)

4.048098542s ago: executing program 2 (id=2007):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x138}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
r3 = socket(0x2d, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bind$xdp(r3, 0x0, 0x0)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, 0x0, 0x800)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r4 = socket$kcm(0x29, 0x5, 0x0)
write$cgroup_pressure(r4, &(0x7f0000000140)={'full', 0x20, 0x40030000000000}, 0xfffffdef)

1.777338226s ago: executing program 2 (id=2008):
r0 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r0, &(0x7f0000000140)={0x18, 0x2, {0xffff, @loopback}}, 0x1e)
connect$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000015c0), 0x2300, 0x0)
ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000040)=0x1)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000000)=0x3)

1.500331772s ago: executing program 7 (id=2009):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea018512babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7acbf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000005d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd353646000000000000000000002b0000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c30180000000000000c03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3e16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f4225"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002a0, 0x38, 0x0, &(0x7f0000000840)="b9fa030711a5f32e019e14f088a847e0ffff00124000632177fbac141416e000030a94029f03030180b7060000000000000081005d6e686e", 0x0, 0xfffffffc, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.301318804s ago: executing program 4 (id=2010):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6)
ioprio_get$uid(0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x11, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0x1ac81b, 0x0, 0x0, 0x0, 0x1000000}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8, 0x0, 0x0, 0x1010000}, @exit, @alu={0x6, 0x0, 0x3, 0xa}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x94)
mount(0x0, 0x0, 0x0, 0x8b00a2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
ioctl$USBDEVFS_SETINTERFACE(0xffffffffffffffff, 0x80045510, 0x0)

1.300742654s ago: executing program 0 (id=2011):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x2)
io_setup(0x239f, &(0x7f0000000380)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000b40)=[&(0x7f0000000080)={0x200000000000000, 0x0, 0x0, 0x0, 0x8, r3, 0x0, 0x0, 0x1}])
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)

1.298494364s ago: executing program 6 (id=2012):
r0 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1cb)

1.177012901s ago: executing program 2 (id=2013):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40041}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x2005}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x54}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)

1.157753082s ago: executing program 7 (id=2014):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x512, &(0x7f0000000280)={0x0, 0xc65f, 0x0, 0x9, 0x40}, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0, 0x2121, 0x1, {0x3}})
io_uring_enter(r1, 0x47f6, 0xb277, 0x0, 0x0, 0x0)

1.149383262s ago: executing program 6 (id=2015):
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x141040, 0x42)
mount(&(0x7f0000000000)=@sr0, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000040)='udf\x00', 0x100080f, 0x0)

912.822916ms ago: executing program 7 (id=2016):
syz_open_dev$sndpcmp(&(0x7f0000003b40), 0xa8c, 0x2080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x1)
ioctl$TIOCMIWAIT(r1, 0x545c, 0x0)
r2 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}]}, 0x24}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_DEL_INTERFACE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x1c, r5, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20004080)

912.618636ms ago: executing program 6 (id=2017):
r0 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r0, 0x0, 0x0)

314.541471ms ago: executing program 2 (id=2018):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

177.32753ms ago: executing program 4 (id=2019):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x1000000000, 0x5, 0x41, 0x4, 0x0, 0x2004cb, 0x0, 0x40000000000a1d, 0x68ff, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202})
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0xd000, 0x0, 0x0, 0x2, 0x8, 0x0, 0x0, 0x2, 0x0, 0x8, 0x6, 0xf9}, {0xffff1000, 0x10000, 0xd, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0xff, 0x0, 0xd}, {0xeeee0000, 0xeeee1000, 0xc, 0x0, 0x7, 0xc4, 0x0, 0x1, 0x48, 0x3, 0x1, 0x3}, {0x1, 0xffff1000, 0x9, 0x0, 0x1, 0x0, 0x9, 0x0, 0x8, 0x0, 0x4}, {0x6000, 0xffff1000, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x40}, {0x100000, 0x0, 0x0, 0x74, 0x5, 0x5, 0x2, 0x0, 0x0, 0x2, 0x5}, {0x0, 0xeeee8000, 0xa, 0x4, 0x0, 0x0, 0xa1, 0x20, 0x0, 0x9}, {0x0, 0x6000, 0x8, 0x0, 0x0, 0x7, 0x8, 0x40, 0x26, 0x0, 0x0, 0x5}, {0xeeef0000, 0x3}, {0xdddd1000, 0x400}, 0xddf8ffdb, 0x0, 0x0, 0x400, 0x0, 0xf801, 0x0, [0x80000001, 0x0, 0x1]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

105.854724ms ago: executing program 6 (id=2020):
pipe2$watch_queue(&(0x7f0000000100)={<r0=>0xffffffffffffffff}, 0x80)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000140)={&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f000085f000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000dd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f000013b000/0x4000)=nil, &(0x7f00009f3000/0x3000)=nil, &(0x7f0000c6a000/0x1000)=nil, &(0x7f0000336000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000000)="cb9daff006a1df670c5cadec3743609b6d08c7133f586e15da6aed03732086185666d5cdba0d1fb4f5b45b20e68874c7569db11e35de30f2518dbe57879f8421227893f06e65bdc82ffdbae4817af96726b2b5f11cc9dc2e11cf76b19a5336725b07e8d1ad4c94883985812bc5710c847eea1da8b08048b42dbb77f9cbaa3409a3697d614ee1e59665d21cf75f8b9e9be151196c5429c886d8b8dfe04d3d615641be74240e3448b5eee5d06675659c784dbd1a7bb1", 0xb5, r0}, 0x68)

0s ago: executing program 6 (id=2021):
socket(0x2, 0x80805, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)

kernel console output (not intermixed with test programs):

void problems!
[   83.143138][ T4271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.153694][ T4271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.163794][ T4271] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.174480][ T4271] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.186147][ T4271] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.199689][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   83.209729][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   83.218987][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   83.227999][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   83.260559][ T4271] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.271147][ T4271] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.282644][ T4271] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.291926][ T4271] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.312174][   T30] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.325691][   T30] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.352814][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   83.362408][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   83.371859][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   83.391783][ T4270] device veth0_vlan entered promiscuous mode
[   83.431900][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   83.441566][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   83.525852][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.534858][ T4270] device veth1_vlan entered promiscuous mode
[   83.544415][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.580167][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   83.631876][ T4391] loop0: detected capacity change from 0 to 512
[   83.642063][ T4391] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   83.710905][   T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   83.734338][   T30] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   83.780187][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.830103][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.937012][ T4281] Bluetooth: hci0: command 0x0419 tx timeout
[   83.938233][ T4285] Bluetooth: hci3: command 0x0419 tx timeout
[   83.943816][ T4281] Bluetooth: hci1: command 0x0419 tx timeout
[   83.950580][   T49] Bluetooth: hci2: command 0x0419 tx timeout
[   84.017570][   T49] Bluetooth: hci4: command 0x0419 tx timeout
[   84.051543][ T4362] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   84.109925][ T4270] device veth0_macvtap entered promiscuous mode
[   84.164030][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   84.176935][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   84.185281][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   84.197485][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   84.205874][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   84.214202][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   84.222874][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   84.235864][    T0] NOHZ tick-stop error: local softirq work is pending, handler #28a!!!
[   84.244868][    T0] NOHZ tick-stop error: local softirq work is pending, handler #28a!!!
[   84.254860][    T0] NOHZ tick-stop error: local softirq work is pending, handler #28a!!!
[   84.476967][   T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.484830][   T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.500055][ T4270] device veth1_macvtap entered promiscuous mode
[   84.549223][ T4395] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   84.566124][ T4395] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   84.588417][ T4395] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   84.649752][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.667060][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.682420][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.692967][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.703017][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.713603][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.723523][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.734050][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.748809][ T4270] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.756840][ T4299] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.774147][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   84.788791][ T4299] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.799978][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   84.829710][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.847452][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.871347][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.887017][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.889205][ T4397] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   84.896855][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.907544][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.938426][ T4270] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.959788][ T4270] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.980152][ T4270] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.030073][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   85.044646][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   85.053972][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   85.081748][ T4270] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.097120][   T30] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.102510][ T4270] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.104972][   T30] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.126824][ T4270] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.145404][ T4270] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.167464][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   85.233404][ T4395] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.244755][ T4395] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.280400][ T4395] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   85.390793][ T4401] loop1: detected capacity change from 0 to 2048
[   85.439685][ T4401] EXT4-fs: Ignoring removed i_version option
[   85.509650][ T4299] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.537945][ T4299] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.561379][ T4401] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   85.599175][ T4401] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.652253][   T57] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   85.710856][ T4299] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.745914][ T4299] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.768293][   T30] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   85.917859][ T4401] fs-verity: sha512 using implementation "sha512-avx2"
[   86.492818][ T4423] loop4: detected capacity change from 0 to 256
[   86.579173][   T37] cfg80211: failed to load regulatory.db
[   86.600304][ T4423] FAT-fs (loop4): Unrecognized mount option "uid=þu5¬}�[9·A�A±xÛˆô�0L0x0000000000000000" or missing value
[   87.634014][ T4428] loop0: detected capacity change from 0 to 128
[   87.644815][ T4385] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   88.488179][ T4434] Bluetooth: MGMT ver 1.22
[   88.576735][ T4428] =======================================================
[   88.576735][ T4428] WARNING: The mand mount option has been deprecated and
[   88.576735][ T4428]          and is ignored by this kernel. Remove the mand
[   88.576735][ T4428]          option from the mount to silence this warning.
[   88.576735][ T4428] =======================================================
[   89.799598][ T4284] EXT4-fs (loop1): unmounting filesystem.
[   91.204152][ T4449] loop0: detected capacity change from 0 to 512
[   91.212245][ T4449] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   91.329057][ T4450] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[   91.345630][ T4450] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[   92.032506][ T4452] loop3: detected capacity change from 0 to 2048
[   92.069583][ T4456] loop1: detected capacity change from 0 to 16
[   92.125451][ T4456] erofs: (device loop1): mounted with root inode @ nid 36.
[   92.224680][ T4452] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   92.395616][ T4464] netlink: 'syz.2.21': attribute type 7 has an invalid length.
[   92.462589][   T26] audit: type=1800 audit(1770755572.221:2): pid=4452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.16" name="file1" dev="loop3" ino=15 res=0 errno=0
[   92.484428][ T4464] netlink: 'syz.2.21': attribute type 8 has an invalid length.
[   94.155260][ T4465] erofs: (device loop1): z_erofs_readahead: readahead error at page 87 @ nid 36
[   94.162448][ T4473] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   94.181998][ T4473] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117]
[   94.235739][ T4465] erofs: (device loop1): z_erofs_readahead: readahead error at page 86 @ nid 36
[   94.289826][ T4465] syz.1.17: attempt to access beyond end of device
[   94.289826][ T4465] loop1: rw=524288, sector=16, nr_sectors = 16 limit=16
[   94.314670][ T4465] syz.1.17: attempt to access beyond end of device
[   94.314670][ T4465] loop1: rw=524288, sector=14425508768, nr_sectors = 8 limit=16
[   94.324522][ T4475] loop2: detected capacity change from 0 to 256
[   94.373671][ T4475] FAT-fs (loop2): Unrecognized mount option "uid=þu5¬}�[9·A�A±xÛˆô�0L0x0000000000000000" or missing value
[   94.598379][ T4465] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -24 in[52, 4044] out[3749]
[   97.690677][ T4476] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[   97.718672][ T4476] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 626 with error 28
[   97.731768][ T4476] EXT4-fs (loop3): This should not happen!! Data will be lost
[   97.731768][ T4476] 
[   97.742499][ T4476] EXT4-fs (loop3): Total free blocks count 0
[   97.749135][ T4476] EXT4-fs (loop3): Free/Dirty block details
[   97.755293][ T4476] EXT4-fs (loop3): free_blocks=4096
[   97.760987][ T4476] EXT4-fs (loop3): dirty_blocks=640
[   97.766235][ T4476] EXT4-fs (loop3): Block reservation details
[   97.784584][ T4476] EXT4-fs (loop3): i_reserved_data_blocks=40
[   97.903167][ T4269] EXT4-fs (loop3): unmounting filesystem.
[   98.012000][ T4485] loop1: detected capacity change from 0 to 1024
[  101.105750][   T26] audit: type=1326 audit(1770755580.031:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4503 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b9bf79 code=0x7ffc0000
[  101.224243][   T26] audit: type=1326 audit(1770755580.031:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4503 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b9bf79 code=0x7ffc0000
[  101.397961][ T4512] loop1: detected capacity change from 0 to 2048
[  101.741758][   T26] audit: type=1326 audit(1770755580.081:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4503 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7efee3b9bf79 code=0x7ffc0000
[  101.785568][ T4515] loop3: detected capacity change from 0 to 1024
[  102.015920][   T26] audit: type=1326 audit(1770755580.111:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4503 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b9bf79 code=0x7ffc0000
[  102.039068][ T4515] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  mounting read-only.
[  102.119556][ T4512] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  102.246971][   T26] audit: type=1326 audit(1770755580.111:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4503 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b9bf79 code=0x7ffc0000
[  102.269235][ T4518] loop4: detected capacity change from 0 to 128
[  102.284381][ T4520] netlink: 'syz.0.35': attribute type 10 has an invalid length.
[  102.297047][ T4518] UDF-fs: bad mount option "1844674407370955161501777777777777777777777" or missing value
[  102.329624][ T4520] device syz_tun entered promiscuous mode
[  102.361998][   T26] audit: type=1326 audit(1770755580.231:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4503 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7efee3b9bf79 code=0x7ffc0000
[  102.435663][ T4394] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  102.580803][ T4520] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  102.690489][   T26] audit: type=1326 audit(1770755580.231:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4503 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b9bf79 code=0x7ffc0000
[  102.807150][   T26] audit: type=1326 audit(1770755580.231:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4503 comm="syz.2.23" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efee3b9bf79 code=0x7ffc0000
[  103.215455][ T4530] loop0: detected capacity change from 0 to 1024
[  103.270054][ T4532] netlink: 56 bytes leftover after parsing attributes in process `syz.3.39'.
[  104.775471][ T4553] loop1: detected capacity change from 0 to 256
[  104.798487][ T4553] FAT-fs (loop1): Unrecognized mount option "uid=þu5¬}�[9·A�A±xÛˆô�0L0x0000000000000000" or missing value
[  106.272441][ T4323] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[  106.585180][ T4323] usb 3-1: config 5 has an invalid interface number: 211 but max is 0
[  106.947133][ T4323] usb 3-1: config 5 has no interface number 0
[  107.078859][ T4323] usb 3-1: New USB device found, idVendor=813a, idProduct=22fe, bcdDevice=89.9c
[  107.131588][ T4323] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.167072][ T4323] usb 3-1: Product: syz
[  107.171316][ T4323] usb 3-1: Manufacturer: syz
[  107.204367][ T4323] usb 3-1: SerialNumber: syz
[  107.273315][ T4323] usb 3-1: bad CDC descriptors
[  107.283186][ T4323] usb 3-1: bad CDC descriptors
[  107.796826][ T4565] netlink: 'syz.1.49': attribute type 10 has an invalid length.
[  109.331597][ T4565] device syz_tun entered promiscuous mode
[  109.684551][  T126] usb 3-1: USB disconnect, device number 2
[  109.721559][ T4565] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  113.473365][ T4580] loop4: detected capacity change from 0 to 512
[  113.532816][ T4580] ext4: Bad value for 'inode_readahead_blks'
[  113.696996][ T4328] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  113.881249][ T4603] binder: 4602:4603 ioctl 4018620d 0 returned -22
[  113.899342][ T4328] usb 4-1: Using ep0 maxpacket: 16
[  113.917761][ T4328] usb 4-1: config 0 interface 0 has no altsetting 0
[  113.940079][ T4603] loop0: detected capacity change from 0 to 512
[  113.965989][ T4328] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  114.004350][ T4328] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.009013][ T4603] EXT4-fs: Ignoring removed oldalloc option
[  114.028396][ T4328] usb 4-1: config 0 descriptor??
[  114.148045][ T4603] EXT4-fs (loop0): 1 truncate cleaned up
[  114.282394][ T4597] loop3: detected capacity change from 0 to 8
[  114.288908][ T4603] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  115.169661][ T4610] netlink: 20 bytes leftover after parsing attributes in process `syz.1.62'.
[  115.178919][ T4610] netlink: 20 bytes leftover after parsing attributes in process `syz.1.62'.
[  115.756935][    C0] sched: RT throttling activated
[  116.525719][ T4522] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  116.801990][ T4328] hid (null): unknown global tag 0xc
[  116.823211][ T4624] loop1: detected capacity change from 0 to 512
[  116.883475][ T4328] hid (null): unknown global tag 0xc
[  116.953432][ T4629] loop2: detected capacity change from 0 to 128
[  116.960884][ T4629] FAT-fs (loop2): Unrecognized mount option "" or missing value
[  117.442994][ T4635] netlink: 'syz.4.65': attribute type 10 has an invalid length.
[  117.692857][ T4635] device syz_tun entered promiscuous mode
[  117.720813][ T4328] hid (null): global environment stack underflow
[  117.773893][ T4635] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  117.776154][ T4328] hid (null): unknown global tag 0xc
[  117.827919][ T4624] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  117.877696][ T4624] ext4 filesystem being mounted at /15/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.907799][ T4328] hid (null): global environment stack underflow
[  117.915684][ T4328] hid (null): unknown global tag 0xe
[  118.023411][ T4328] hid (null): unknown global tag 0xf4
[  118.034829][ T4328] hid (null): invalid report_size 1623667742
[  118.223967][ T4328] hid (null): unknown global tag 0xe
[  118.688088][ T4328] usb 4-1: USB disconnect, device number 2
[  118.865834][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  119.012091][ T4648] overlayfs: failed to clone lowerpath
[  119.641216][ T4284] EXT4-fs (loop1): unmounting filesystem.
[  122.221690][ T4673] fuse: Bad value for 'fd'
[  123.799701][ T4678] netlink: 16 bytes leftover after parsing attributes in process `syz.2.79'.
[  127.471520][ T4698] loop0: detected capacity change from 0 to 128
[  127.480412][ T4698] FAT-fs (loop0): Unrecognized mount option "8" or missing value
[  128.315552][ T4687] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  130.614617][ T4720] loop1: detected capacity change from 0 to 1024
[  132.437076][   T14] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  133.368634][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  133.386049][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  133.417821][   T14] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  133.428872][   T14] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  133.443968][   T14] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  133.910339][   T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  133.956953][   T14] usb 5-1: SerialNumber: syz
[  134.030964][   T14] usb 5-1: can't set config #1, error -71
[  134.081041][ T4743] netlink: 48 bytes leftover after parsing attributes in process `syz.2.97'.
[  134.082211][   T14] usb 5-1: USB disconnect, device number 2
[  134.112914][ T4743] mmap: syz.2.97 (4743): VmData 37457920 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  134.138380][ T4743] Zero length message leads to an empty skb
[  134.394232][ T4747] loop4: detected capacity change from 0 to 128
[  134.476831][ T4749] loop1: detected capacity change from 0 to 128
[  134.484969][ T4749] FAT-fs (loop1): Unrecognized mount option "@" or missing value
[  135.427483][ T4702] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  143.236555][ T4813] binder: 4812:4813 ioctl 4018620d 0 returned -22
[  143.293350][ T4813] loop3: detected capacity change from 0 to 256
[  143.575589][ T4813] FAT-fs (loop3): Directory bread(block 64) failed
[  143.597034][ T4813] FAT-fs (loop3): Directory bread(block 65) failed
[  143.603732][ T4813] FAT-fs (loop3): Directory bread(block 66) failed
[  144.008430][ T4813] FAT-fs (loop3): Directory bread(block 67) failed
[  144.127174][ T4813] FAT-fs (loop3): Directory bread(block 68) failed
[  144.133792][ T4813] FAT-fs (loop3): Directory bread(block 69) failed
[  144.524608][ T4813] FAT-fs (loop3): Directory bread(block 70) failed
[  144.537097][ T4813] FAT-fs (loop3): Directory bread(block 71) failed
[  144.543844][ T4813] FAT-fs (loop3): Directory bread(block 72) failed
[  145.247117][ T4813] FAT-fs (loop3): Directory bread(block 73) failed
[  146.470534][ T4836] binder: 4812:4836 ioctl c0306201 0 returned -14
[  146.517128][ T4322] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  147.576947][ T4322] usb 5-1: Using ep0 maxpacket: 32
[  147.583958][ T4322] usb 5-1: config 2 has an invalid interface number: 88 but max is 0
[  147.620693][ T4322] usb 5-1: config 2 has no interface number 0
[  147.668372][ T4322] usb 5-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256
[  147.709112][ T4322] usb 5-1: config 2 interface 88 has no altsetting 0
[  147.741866][ T4322] usb 5-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  147.767072][ T4322] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.785355][ T4322] usb 5-1: Product: syz
[  147.796686][ T4322] usb 5-1: Manufacturer: syz
[  147.816966][ T4322] usb 5-1: SerialNumber: syz
[  147.854603][ T4828] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  149.475104][ T4322] asix: probe of 5-1:2.88 failed with error -71
[  149.547120][ T4322] usb 5-1: USB disconnect, device number 3
[  149.923243][   T49] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  149.925898][ T4852] netlink: 40 bytes leftover after parsing attributes in process `syz.2.126'.
[  149.943406][ T4852] netlink: 40 bytes leftover after parsing attributes in process `syz.2.126'.
[  150.298081][ T4854] netlink: 260 bytes leftover after parsing attributes in process `syz.2.127'.
[  150.307444][ T4854] netlink: 104 bytes leftover after parsing attributes in process `syz.2.127'.
[  150.317134][ T4854] netlink: 16 bytes leftover after parsing attributes in process `syz.2.127'.
[  152.286717][ T4867] loop4: detected capacity change from 0 to 128
[  153.558000][   T26] audit: type=1326 audit(1770755633.321:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4871 comm="syz.4.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a7a79bf79 code=0x7ffc0000
[  153.646948][   T26] audit: type=1326 audit(1770755633.321:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4871 comm="syz.4.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a7a79bf79 code=0x7ffc0000
[  153.862244][   T26] audit: type=1326 audit(1770755633.341:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4871 comm="syz.4.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f7a7a79bf79 code=0x7ffc0000
[  153.895355][   T26] audit: type=1326 audit(1770755633.341:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4871 comm="syz.4.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a7a79bf79 code=0x7ffc0000
[  154.916824][ T4883] netlink: 'syz.4.135': attribute type 34 has an invalid length.
[  155.245506][ T4882] netlink: 'syz.0.134': attribute type 16 has an invalid length.
[  155.253329][ T4882] netlink: 'syz.0.134': attribute type 17 has an invalid length.
[  155.267375][ T4882] device syz_tun left promiscuous mode
[  155.275992][ T4882] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  155.283358][ T4882] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  155.522335][ T4882] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  155.576955][   T26] audit: type=1326 audit(1770755633.341:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4871 comm="syz.4.133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a7a79bf79 code=0x7ffc0000
[  155.728272][   T49] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  155.730881][ T4888] netlink: 40 bytes leftover after parsing attributes in process `syz.0.137'.
[  155.747904][ T4888] netlink: 40 bytes leftover after parsing attributes in process `syz.0.137'.
[  158.943917][   T49] Bluetooth: hci3: unexpected subevent 0x0e length: 30 > 15
[  161.002713][   T49] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  161.622874][   T49] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  163.419625][ T4945] loop3: detected capacity change from 0 to 1024
[  163.832650][ T4945] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  163.847049][ T4945] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.930387][ T4945] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.151: inode has both inline data and extents flags
[  164.046938][ T4945] EXT4-fs (loop3): Remounting filesystem read-only
[  164.103870][ T4951] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.151: inode has both inline data and extents flags
[  164.132125][ T4951] EXT4-fs (loop3): Remounting filesystem read-only
[  164.322965][ T4269] EXT4-fs (loop3): unmounting filesystem.
[  168.484543][ T4970] netlink: 20 bytes leftover after parsing attributes in process `syz.2.158'.
[  169.447937][   T49] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  169.449950][ T4978] netlink: 40 bytes leftover after parsing attributes in process `syz.1.144'.
[  169.467017][ T4978] netlink: 40 bytes leftover after parsing attributes in process `syz.1.144'.
[  169.698819][ T4983] loop4: detected capacity change from 0 to 8
[  172.303969][ T4999] netlink: 20 bytes leftover after parsing attributes in process `syz.2.165'.
[  172.313025][ T4999] netlink: 20 bytes leftover after parsing attributes in process `syz.2.165'.
[  173.171332][ T5010] loop4: detected capacity change from 0 to 1024
[  173.640161][ T5016] netlink: 40 bytes leftover after parsing attributes in process `syz.1.172'.
[  173.649197][ T5016] netlink: 40 bytes leftover after parsing attributes in process `syz.1.172'.
[  173.691450][ T5017] netlink: 40 bytes leftover after parsing attributes in process `syz.0.171'.
[  173.700508][ T5017] netlink: 40 bytes leftover after parsing attributes in process `syz.0.171'.
[  173.757030][   T49] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  173.757156][   T49] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  175.383907][   T14] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  176.157387][ T5028] syz.0.173 (5028) used greatest stack depth: 18096 bytes left
[  176.297335][   T14] usb 5-1: config 0 interface 0 altsetting 12 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  176.338157][   T14] usb 5-1: config 0 interface 0 altsetting 12 endpoint 0x87 has invalid wMaxPacketSize 0
[  176.417037][   T14] usb 5-1: config 0 interface 0 has no altsetting 0
[  176.467028][   T14] usb 5-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=d9.c3
[  176.477869][ T5038] netlink: 8 bytes leftover after parsing attributes in process `syz.0.178'.
[  176.537353][   T14] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.584829][   T14] usb 5-1: Product: syz
[  176.597535][   T14] usb 5-1: Manufacturer: syz
[  176.602290][   T14] usb 5-1: SerialNumber: syz
[  176.647638][   T14] usb 5-1: config 0 descriptor??
[  176.681939][   T14] keyspan 5-1:0.0: Keyspan 2 port adapter converter detected
[  176.717300][   T14] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 7
[  176.772363][   T14] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 81
[  176.790142][   T14] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 1
[  176.827067][   T14] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 2
[  177.777325][   T14] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 85
[  177.785138][   T14] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 5
[  177.823602][   T14] usb 5-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  177.887341][   T14] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 83
[  177.937274][   T14] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 3
[  177.979500][   T14] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 4
[  177.987452][   T14] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 86
[  177.995217][   T14] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 6
[  178.004733][   T14] usb 5-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  178.287128][   T14] usb 5-1: USB disconnect, device number 4
[  178.327406][   T14] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  178.431421][   T14] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  178.448391][   T14] keyspan 5-1:0.0: device disconnected
[  179.834507][ T5061] netlink: 16 bytes leftover after parsing attributes in process `syz.4.186'.
[  180.518950][ T5065] netlink: 20 bytes leftover after parsing attributes in process `syz.1.179'.
[  180.528733][ T5065] netlink: 20 bytes leftover after parsing attributes in process `syz.1.179'.
[  184.948083][ T5096] loop3: detected capacity change from 0 to 8
[  185.355964][ T5096] netlink: 16 bytes leftover after parsing attributes in process `syz.3.197'.
[  187.392496][ T4285] Bluetooth: hci1: unexpected subevent 0x0e length: 30 > 15
[  187.440149][ T5108] netlink: 20 bytes leftover after parsing attributes in process `syz.1.202'.
[  187.449069][ T5108] netlink: 20 bytes leftover after parsing attributes in process `syz.1.202'.
[  187.908994][ T5114] netlink: 40 bytes leftover after parsing attributes in process `syz.2.184'.
[  187.917998][ T5114] netlink: 40 bytes leftover after parsing attributes in process `syz.2.184'.
[  187.957108][ T4285] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  191.982595][ T5133] process 'syz.4.209' launched './file0' with NULL argv: empty string added
[  193.357096][ T5140] netlink: 28 bytes leftover after parsing attributes in process `syz.4.211'.
[  193.507623][ T5142] netlink: 'syz.4.211': attribute type 10 has an invalid length.
[  193.963854][ T5146] loop3: detected capacity change from 0 to 1024
[  194.037767][ T5146] ext4: Unknown parameter 'dont_hash'
[  194.101140][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  194.114954][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  194.632330][ T5153] netlink: 40 bytes leftover after parsing attributes in process `syz.4.214'.
[  194.641593][ T5153] netlink: 40 bytes leftover after parsing attributes in process `syz.4.214'.
[  194.707096][ T4285] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  195.935155][ T5163] netlink: 40 bytes leftover after parsing attributes in process `syz.2.204'.
[  195.951502][ T5163] netlink: 40 bytes leftover after parsing attributes in process `syz.2.204'.
[  195.972919][ T4285] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  198.090573][ T5174] netlink: 24 bytes leftover after parsing attributes in process `syz.4.218'.
[  198.408117][ T5177] netlink: 8 bytes leftover after parsing attributes in process `syz.0.221'.
[  200.413450][ T5191] netlink: 40 bytes leftover after parsing attributes in process `syz.4.226'.
[  200.422446][ T5191] netlink: 40 bytes leftover after parsing attributes in process `syz.4.226'.
[  200.456298][ T4285] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  201.298947][ T4285] Bluetooth: hci1: command 0x0406 tx timeout
[  201.312752][   T49] Bluetooth: hci4: command 0x0406 tx timeout
[  202.238120][ T4285] Bluetooth: hci2: command 0x0406 tx timeout
[  202.244300][ T4285] Bluetooth: hci3: command 0x0406 tx timeout
[  202.250613][   T49] Bluetooth: hci0: command 0x0406 tx timeout
[  206.078074][ T5226] loop3: detected capacity change from 0 to 4096
[  206.148261][ T5226] EXT4-fs (loop3): Test dummy encryption mode enabled
[  206.241687][ T5226] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c01c, mo2=0002]
[  206.258543][ T5226] System zones: 0-5
[  206.302630][ T5226] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  206.819834][ T5233] netlink: 40 bytes leftover after parsing attributes in process `syz.1.239'.
[  206.828856][ T5233] netlink: 40 bytes leftover after parsing attributes in process `syz.1.239'.
[  206.904615][ T4285] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  207.728326][ T4269] EXT4-fs (loop3): unmounting filesystem.
[  208.103833][ T5245] fuse: Unknown parameter 'xœì’¿NÛPÆ¿k;vZ¥Q+uÊ’‘Úm§­º5c:tccÁJLˆp€Ø‘H¢Fe`@Œ<A^‰€
±°eÎ1#£{ï±1ḿá~:î¹ç{'„€ÇÕ´�&:Š¸a€2“¾¥&õœô–ôL
[  208.103833][ T5245] ®)ïù�IKáxbRNŸ¤CsMß*'
[  209.248862][ T4476] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.258863][ T4476] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.994438][ T4476] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  211.085877][ T4476] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.635007][ T4274] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  212.647277][ T4274] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  212.665126][ T4274] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  212.672941][ T4274] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  212.797889][ T4274] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  212.970575][ T4274] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  213.658691][ T5286] netlink: 16 bytes leftover after parsing attributes in process `syz.2.252'.
[  215.227147][ T4274] Bluetooth: hci1: command 0x0409 tx timeout
[  217.680069][ T4274] Bluetooth: hci1: command 0x041b tx timeout
[  218.031402][ T5278] chnl_net:caif_netlink_parms(): no params data found
[  219.710936][ T4274] Bluetooth: hci1: command 0x040f tx timeout
[  220.401957][ T5278] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.424925][ T5278] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.488036][ T5278] device bridge_slave_0 entered promiscuous mode
[  221.657519][ T5278] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.664724][ T5278] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.712963][ T5278] device bridge_slave_1 entered promiscuous mode
[  221.776932][ T4274] Bluetooth: hci1: command 0x0419 tx timeout
[  223.296218][ T5278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  223.469467][ T5278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  223.689432][ T5278] team0: Port device team_slave_0 added
[  223.719225][ T5278] team0: Port device team_slave_1 added
[  225.332684][ T5278] batman_adv: batadv0: Adding interface: batadv_slave_0
[  225.356902][ T5278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  226.687078][ T5278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  226.732341][ T5278] batman_adv: batadv0: Adding interface: batadv_slave_1
[  226.820814][ T5278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  226.951878][ T5278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  227.008969][ T5369] netlink: 24 bytes leftover after parsing attributes in process `syz.4.266'.
[  227.372731][ T5387] device wg1 entered promiscuous mode
[  227.542572][ T5278] device hsr_slave_0 entered promiscuous mode
[  227.635703][ T5278] device hsr_slave_1 entered promiscuous mode
[  227.841579][ T5278] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  227.870625][ T5399] netlink: 16 bytes leftover after parsing attributes in process `syz.4.272'.
[  227.877249][ T5278] Cannot create hsr debugfs directory
[  230.178863][ T4476] device hsr_slave_0 left promiscuous mode
[  230.217361][ T4476] device hsr_slave_1 left promiscuous mode
[  230.248041][ T4274] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  230.250643][ T5421] netlink: 40 bytes leftover after parsing attributes in process `syz.2.278'.
[  230.266791][ T5421] netlink: 40 bytes leftover after parsing attributes in process `syz.2.278'.
[  230.305063][ T4476] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  230.338928][ T4476] batman_adv: batadv0: Removing interface: batadv_slave_0
[  231.478609][ T4476] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  231.486073][ T4476] batman_adv: batadv0: Removing interface: batadv_slave_1
[  231.567801][ T4476] device bridge_slave_1 left promiscuous mode
[  231.575580][ T4476] bridge0: port 2(bridge_slave_1) entered disabled state
[  231.634211][ T4476] device bridge_slave_0 left promiscuous mode
[  231.647178][ T4476] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.823520][ T4476] device veth1_macvtap left promiscuous mode
[  232.845863][ T4476] device veth0_macvtap left promiscuous mode
[  232.887125][ T4476] device veth1_vlan left promiscuous mode
[  232.927205][ T4476] device veth0_vlan left promiscuous mode
[  234.632658][ T4476] team0 (unregistering): Port device team_slave_1 removed
[  234.728386][ T4476] team0 (unregistering): Port device team_slave_0 removed
[  234.975693][ T4476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  235.402388][ T4476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  237.293842][ T4476] bond0 (unregistering): Released all slaves
[  237.529069][ T5431] netlink: 24 bytes leftover after parsing attributes in process `syz.4.281'.
[  237.539665][ T5455] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  237.549151][ T5455] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  237.559396][ T5455] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  239.170698][ T5278] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  239.290068][ T5278] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  239.357065][ T5278] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  239.465903][ T5278] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  239.872262][ T5278] 8021q: adding VLAN 0 to HW filter on device bond0
[  240.055835][ T5278] 8021q: adding VLAN 0 to HW filter on device team0
[  240.072150][ T4274] Bluetooth: hci4: unexpected subevent 0x0e length: 30 > 15
[  240.718157][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  240.815692][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  240.938770][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  241.084638][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  241.224233][ T5564] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.231449][ T5564] bridge0: port 1(bridge_slave_0) entered forwarding state
[  241.359716][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  241.423030][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  241.452194][ T5564] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.459369][ T5564] bridge0: port 2(bridge_slave_1) entered forwarding state
[  241.758049][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  241.890112][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  241.899722][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  241.909053][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  241.918002][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  241.926615][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  241.967713][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  242.009787][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  242.050768][ T5278] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  242.184499][ T5278] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  242.407434][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  242.417602][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  242.436140][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  242.590744][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  243.344178][ T5594] netlink: 24 bytes leftover after parsing attributes in process `syz.2.301'.
[  245.351745][ T5560] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  245.392131][ T5560] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  245.459260][ T5278] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.068961][ T4274] Bluetooth: hci2: unexpected subevent 0x0e length: 30 > 15
[  247.377665][ T5642] netlink: 24 bytes leftover after parsing attributes in process `syz.0.312'.
[  249.145275][ T5668] netlink: 'syz.0.318': attribute type 1 has an invalid length.
[  249.370830][ T5668] 8021q: adding VLAN 0 to HW filter on device bond1
[  249.524858][ T5670] bond1: (slave bridge1): making interface the new active one
[  249.563616][ T5670] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  249.682642][ T5560] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  249.773571][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  249.867275][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  250.219172][ T5558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  250.239050][ T5558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  250.282004][ T5278] device veth0_vlan entered promiscuous mode
[  250.297273][ T5558] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  250.339729][ T5558] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  250.369443][ T5687] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  250.380847][ T5278] device veth1_vlan entered promiscuous mode
[  250.444233][ T5687] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  250.480301][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  250.498067][ T5687] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  250.508787][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  250.555820][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  250.789084][ T5564] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  250.847132][ T5693] netlink: 'syz.2.320': attribute type 10 has an invalid length.
[  251.050176][ T5693] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  251.104970][ T5694] netlink: 4 bytes leftover after parsing attributes in process `syz.0.323'.
[  251.116553][ T5278] device veth0_macvtap entered promiscuous mode
[  251.194256][ T5278] device veth1_macvtap entered promiscuous mode
[  251.281751][ T5278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.333924][ T5278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.383385][ T5278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.416209][ T5278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.456915][ T5278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.501976][ T5278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.553450][ T5278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  251.583988][ T5278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  251.652331][ T5278] batman_adv: batadv0: Interface activated: batadv_slave_0
[  252.579901][ T5554] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  252.624908][ T5554] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  252.798257][ T5278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.864020][ T5278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.897202][ T5278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  252.932120][ T5278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  252.976597][ T5278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  253.018444][ T5278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.082988][ T5278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  253.133891][ T5278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  253.183767][ T5278] batman_adv: batadv0: Interface activated: batadv_slave_1
[  253.218387][ T5727] netlink: 20 bytes leftover after parsing attributes in process `syz.4.330'.
[  253.277167][ T5560] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  253.387954][ T5560] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  253.545952][ T5278] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  253.555500][ T5278] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  253.566071][ T5278] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  253.575747][ T5278] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  253.843626][ T5738] netlink: 4 bytes leftover after parsing attributes in process `syz.2.336'.
[  253.887785][ T5560] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  253.895675][ T5560] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  253.974637][ T5558] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  254.062374][ T5560] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.096542][ T5560] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  254.295362][ T5558] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  255.539534][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  255.547510][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  257.280461][ T5784] loop5: detected capacity change from 0 to 8
[  257.346345][ T5784] netlink: 4 bytes leftover after parsing attributes in process `syz.5.347'.
[  259.156053][ T5795] loop5: detected capacity change from 0 to 512
[  259.431355][ T5795] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  259.440990][ T5795] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.004227][ T5278] EXT4-fs (loop5): unmounting filesystem.
[  263.531339][ T5824] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  264.156342][ T5831] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  264.212151][ T4274] Bluetooth: hci1: unexpected subevent 0x0e length: 30 > 15
[  264.307428][ T5824] netlink: 'syz.2.358': attribute type 10 has an invalid length.
[  265.978599][ T5849] loop5: detected capacity change from 0 to 512
[  266.089062][ T5849] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  266.537774][ T5849] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters
[  266.577445][ T5849] Quota error (device loop5): write_blk: dquota write failed
[  266.585196][ T5849] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[  266.719076][ T5849] EXT4-fs error (device loop5): ext4_acquire_dquot:6835: comm syz.5.365: Failed to acquire dquot type 0
[  266.831709][ T5849] EXT4-fs (loop5): 1 truncate cleaned up
[  266.858342][ T5849] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  267.008907][ T5849] Quota error (device loop5): write_blk: dquota write failed
[  267.788367][ T5849] Quota error (device loop5): qtree_write_dquot: Error -28 occurred while creating quota
[  267.870371][ T5849] EXT4-fs error (device loop5): ext4_acquire_dquot:6835: comm syz.5.365: Failed to acquire dquot type 0
[  269.353731][ T5278] EXT4-fs (loop5): unmounting filesystem.
[  275.407530][ T5908] random: crng reseeded on system resumption
[  275.915035][ T5913] loop5: detected capacity change from 0 to 8
[  281.607891][   T49] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  281.617500][   T49] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  281.626538][ T4285] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  281.638165][   T49] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  281.645720][   T49] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  281.653191][   T49] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  283.555148][ T5767] bond0: (slave syz_tun): Releasing backup interface
[  283.697262][   T49] Bluetooth: hci5: command 0x0409 tx timeout
[  284.315465][ T4476] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  284.464179][ T5943] chnl_net:caif_netlink_parms(): no params data found
[  284.667334][ T5954] netlink: 20 bytes leftover after parsing attributes in process `syz.2.389'.
[  285.507028][ T5954] netlink: 20 bytes leftover after parsing attributes in process `syz.2.389'.
[  286.516593][   T49] Bluetooth: hci5: command 0x041b tx timeout
[  286.629261][ T5977] loop5: detected capacity change from 0 to 8
[  286.642537][ T4476] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.250290][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.257558][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.265969][ T5943] device bridge_slave_0 entered promiscuous mode
[  287.301090][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.390967][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.446686][ T5943] device bridge_slave_1 entered promiscuous mode
[  287.806545][ T4476] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.837779][   T49] Bluetooth: hci5: command 0x040f tx timeout
[  289.108428][ T5995] loop5: detected capacity change from 0 to 256
[  289.122853][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  289.202190][ T5995] FAT-fs (loop5): Unrecognized mount option "uid=þu5¬}�[9·A�A±xÛˆô�0L0x0000000000000000" or missing value
[  290.743490][ T4476] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.966699][   T49] Bluetooth: hci5: command 0x0419 tx timeout
[  292.074179][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  292.435522][ T5943] team0: Port device team_slave_0 added
[  292.485482][ T5943] team0: Port device team_slave_1 added
[  292.617360][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0
[  293.739359][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.637397][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  294.828982][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1
[  294.836005][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  294.987029][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  295.443655][ T5943] device hsr_slave_0 entered promiscuous mode
[  295.473185][ T5943] device hsr_slave_1 entered promiscuous mode
[  296.858328][ T5943] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  296.866006][ T5943] Cannot create hsr debugfs directory
[  299.424907][ T5943] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  299.532221][ T5943] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  299.576914][ T5943] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  299.635169][ T5943] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  299.658216][ T6057] netlink: 20 bytes leftover after parsing attributes in process `syz.5.409'.
[  299.668317][ T6057] netlink: 20 bytes leftover after parsing attributes in process `syz.5.409'.
[  302.498289][ T4274] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  303.507531][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0
[  303.908208][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  303.933044][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  303.987856][ T5943] 8021q: adding VLAN 0 to HW filter on device team0
[  304.233282][ T6112] netlink: 48 bytes leftover after parsing attributes in process `syz.4.419'.
[  304.253202][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  304.278234][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  304.334706][ T4516] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.341956][ T4516] bridge0: port 1(bridge_slave_0) entered forwarding state
[  304.531162][ T6118] netlink: 56 bytes leftover after parsing attributes in process `syz.4.421'.
[  304.636624][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  304.667853][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  304.732481][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  304.778510][ T4274] Bluetooth: hci3: unexpected subevent 0x0e length: 30 > 15
[  304.803110][ T4516] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.810321][ T4516] bridge0: port 2(bridge_slave_1) entered forwarding state
[  304.883119][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  304.919010][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  305.043035][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  305.059424][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  305.107818][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  305.128027][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  305.157547][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  305.577501][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  305.586050][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  306.040688][ T5550] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  306.065690][ T5550] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  306.127949][ T5943] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  307.721793][ T4476] device hsr_slave_0 left promiscuous mode
[  309.747037][ T4476] device hsr_slave_1 left promiscuous mode
[  309.761635][ T4476] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  309.816931][ T4476] batman_adv: batadv0: Removing interface: batadv_slave_0
[  309.901124][ T4476] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  309.987242][ T4476] batman_adv: batadv0: Removing interface: batadv_slave_1
[  310.059290][ T4476] device bridge_slave_1 left promiscuous mode
[  310.065622][ T4476] bridge0: port 2(bridge_slave_1) entered disabled state
[  310.132089][ T6155] loop5: detected capacity change from 0 to 128
[  310.209206][ T4476] device bridge_slave_0 left promiscuous mode
[  310.215433][ T4476] bridge0: port 1(bridge_slave_0) entered disabled state
[  311.853481][ T4476] device veth1_macvtap left promiscuous mode
[  311.873975][ T4476] device veth0_macvtap left promiscuous mode
[  311.918166][ T4476] device veth1_vlan left promiscuous mode
[  311.924113][ T4476] device veth0_vlan left promiscuous mode
[  315.818451][ T4476] team0 (unregistering): Port device team_slave_1 removed
[  316.087459][ T6197] loop5: detected capacity change from 0 to 512
[  316.107216][ T4476] team0 (unregistering): Port device team_slave_0 removed
[  316.254726][ T4476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  316.483671][ T4476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  316.795777][ T6198] loop5: detected capacity change from 0 to 256
[  316.825190][ T6198] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  316.841245][ T6198] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  316.864635][ T4274] Bluetooth: hci1: unexpected subevent 0x0e length: 30 > 15
[  317.001231][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  317.007864][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  317.187993][ T4476] bond0 (unregistering): Released all slaves
[  317.414556][ T6181] netlink: 48 bytes leftover after parsing attributes in process `syz.2.430'.
[  318.260663][ T5532] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  318.311437][ T5532] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  318.386493][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0
[  319.310012][ T5550] bond0: (slave bond_slave_0): interface is now down
[  319.330607][ T5550] bond0: (slave bond_slave_1): interface is now down
[  319.369037][ T5550] bond0: (slave syz_tun): interface is now down
[  319.495691][ T5550] bond0: now running without any active interface!
[  320.251000][ T6253] loop5: detected capacity change from 0 to 8
[  320.337173][ T6253] netlink: 48 bytes leftover after parsing attributes in process `syz.5.444'.
[  322.567139][ T4446] bond0: (slave bond_slave_0): interface is now down
[  322.574250][ T4446] bond0: (slave bond_slave_1): interface is now down
[  322.660158][ T4476] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  322.675320][ T4476] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  322.694412][ T4446] bond0: (slave bond_slave_0): interface is now down
[  322.785807][ T4446] bond0: (slave bond_slave_1): interface is now down
[  322.856960][ T4446] bond0: (slave bond_slave_0): interface is now down
[  322.888392][ T4446] bond0: (slave bond_slave_1): interface is now down
[  323.099587][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  323.145672][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  323.156926][ T5550] bond0: (slave bond_slave_0): interface is now down
[  323.174773][ T5550] bond0: (slave bond_slave_1): interface is now down
[  323.235543][ T5943] device veth0_vlan entered promiscuous mode
[  323.262511][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  323.279680][ T5558] bond0: (slave bond_slave_0): interface is now down
[  323.286469][ T5558] bond0: (slave bond_slave_1): interface is now down
[  323.573643][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  323.646984][ T4352] bond0: (slave bond_slave_0): interface is now down
[  323.766907][ T4352] bond0: (slave bond_slave_1): interface is now down
[  323.800381][ T5943] device veth1_vlan entered promiscuous mode
[  323.818195][ T4352] bond0: (slave bond_slave_0): interface is now down
[  323.824959][ T4352] bond0: (slave bond_slave_1): interface is now down
[  323.912304][ T4352] bond0: (slave bond_slave_0): interface is now down
[  323.921548][ T5532] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  324.214803][ T5532] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  324.218017][ T4352] bond0: (slave bond_slave_1): interface is now down
[  324.974827][ T5943] device veth0_macvtap entered promiscuous mode
[  324.988794][ T4274] Bluetooth: hci2: unexpected subevent 0x0e length: 30 > 15
[  325.002587][ T5532] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  325.018221][ T5550] bond0: (slave bond_slave_0): interface is now down
[  325.048688][ T6311] loop5: detected capacity change from 0 to 1024
[  325.058600][ T5943] device veth1_macvtap entered promiscuous mode
[  325.078286][ T5550] bond0: (slave bond_slave_1): interface is now down
[  325.149256][ T5550] bond0: now running without any active interface!
[  325.200955][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.232507][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.276894][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.323965][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.354418][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.397003][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.435632][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  325.466074][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.536076][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0
[  325.578015][ T5550] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  325.608363][ T5550] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  325.689457][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.782083][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.806990][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  325.856892][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  325.906861][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.006848][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.066875][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  326.126874][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  326.171884][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1
[  326.229424][ T5550] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  326.240761][ T4395] bond0: (slave bond_slave_0): interface is now down
[  326.272778][ T4395] bond0: (slave bond_slave_1): interface is now down
[  326.274015][ T5550] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  326.326840][ T4395] bond0: (slave syz_tun): interface is now down
[  326.340397][ T5943] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  326.371278][ T5943] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  326.387703][ T5532] bond0: (slave bond_slave_0): interface is now down
[  326.421940][ T5532] bond0: (slave bond_slave_1): interface is now down
[  326.453344][ T5532] bond0: (slave syz_tun): interface is now down
[  326.507059][ T5532] bond0: (slave bond_slave_0): interface is now down
[  326.523786][ T5532] bond0: (slave bond_slave_1): interface is now down
[  326.559592][ T5532] bond0: (slave syz_tun): interface is now down
[  326.586845][ T5943] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  326.595635][ T5943] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  326.650104][ T5532] bond0: (slave bond_slave_0): interface is now down
[  326.683380][ T5532] bond0: (slave bond_slave_1): interface is now down
[  326.779731][ T5532] bond0: (slave syz_tun): interface is now down
[  326.827089][ T5550] bond0: (slave bond_slave_0): interface is now down
[  326.833849][ T5550] bond0: (slave bond_slave_1): interface is now down
[  327.615704][ T5550] bond0: (slave syz_tun): interface is now down
[  327.656875][ T4516] bond0: (slave bond_slave_0): interface is now down
[  327.687594][ T4516] bond0: (slave bond_slave_1): interface is now down
[  327.747118][ T4516] bond0: (slave syz_tun): interface is now down
[  327.807459][ T4516] bond0: (slave bond_slave_0): interface is now down
[  327.883257][ T4516] bond0: (slave bond_slave_1): interface is now down
[  327.929186][ T4516] bond0: (slave syz_tun): interface is now down
[  327.941034][ T4395] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  327.968951][ T5532] bond0: (slave bond_slave_0): interface is now down
[  327.968966][ T4395] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  328.009785][ T4395] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  328.069034][ T5532] bond0: (slave bond_slave_1): interface is now down
[  328.259201][ T5532] bond0: (slave syz_tun): interface is now down
[  329.018720][ T5532] bond0: (slave bond_slave_0): interface is now down
[  329.044014][ T5532] bond0: (slave bond_slave_1): interface is now down
[  329.081214][ T5532] bond0: (slave syz_tun): interface is now down
[  329.130316][ T5532] bond0: (slave bond_slave_0): interface is now down
[  329.188899][ T5532] bond0: (slave bond_slave_1): interface is now down
[  329.236985][ T5532] bond0: (slave syz_tun): interface is now down
[  329.424292][ T4352] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  329.450061][ T5532] bond0: now running without any active interface!
[  329.856956][ T4352] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  329.929432][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  330.247393][ T6367] loop5: detected capacity change from 0 to 8
[  330.299528][ T6368] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  330.345270][ T6367] netlink: 48 bytes leftover after parsing attributes in process `syz.5.474'.
[  330.525641][ T6371] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  330.938208][ T6368] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  331.014100][ T6368] loop6: detected capacity change from 0 to 512
[  331.266489][ T6368] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  331.323375][ T6368] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  331.380451][ T4274] Bluetooth: hci0: unexpected subevent 0x0e length: 30 > 15
[  331.476301][ T6368] netlink: 'syz.6.376': attribute type 10 has an invalid length.
[  331.633100][ T6368] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  332.389257][ T5943] EXT4-fs (loop6): unmounting filesystem.
[  332.704735][ T6412] loop6: detected capacity change from 0 to 128
[  334.956913][ T6422] loop5: detected capacity change from 0 to 8
[  335.007425][ T6422] netlink: 48 bytes leftover after parsing attributes in process `syz.5.486'.
[  335.612102][ T5560] bond0: (slave bond_slave_0): interface is now down
[  335.630440][ T5560] bond0: (slave bond_slave_1): interface is now down
[  335.704870][ T5560] bond0: (slave wlan1): interface is now down
[  335.827061][ T5560] bond0: now running without any active interface!
[  336.226568][ T6437] loop5: detected capacity change from 0 to 512
[  336.907863][ T6437] EXT4-fs: Ignoring removed oldalloc option
[  337.068818][ T6437] EXT4-fs (loop5): 1 truncate cleaned up
[  337.074554][ T6437] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  337.335914][ T6448] loop6: detected capacity change from 0 to 512
[  338.509602][ T5278] EXT4-fs (loop5): unmounting filesystem.
[  339.536927][   T49] Bluetooth: hci1: command 0x0406 tx timeout
[  340.962737][ T6464] netlink: 48 bytes leftover after parsing attributes in process `syz.0.500'.
[  343.336987][ T5131] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  343.540579][ T5131] usb 7-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  343.591498][ T5131] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  343.661800][ T5131] usb 7-1: Product: syz
[  343.702419][ T5131] usb 7-1: Manufacturer: syz
[  343.744099][ T5131] usb 7-1: SerialNumber: syz
[  345.670016][ T5131] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71
[  345.974545][ T5131] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71
[  346.057539][ T5131] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71
[  346.137842][ T5131] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  346.638941][ T6522] loop6: detected capacity change from 0 to 128
[  346.646368][ T6522] FAT-fs (loop6): Unrecognized mount option "" or missing value
[  346.874274][ T6514] netlink: 48 bytes leftover after parsing attributes in process `syz.4.512'.
[  347.507678][ T5131] lan78xx 7-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  347.538329][ T6125] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  347.614342][ T5131] lan78xx: probe of 7-1:1.0 failed with error -71
[  347.703361][ T5131] usb 7-1: USB disconnect, device number 2
[  348.837993][ T6549] netlink: 12 bytes leftover after parsing attributes in process `syz.5.520'.
[  349.063929][   T49] Bluetooth: hci5: unexpected subevent 0x0e length: 30 > 15
[  350.388953][ T6563] loop5: detected capacity change from 0 to 8
[  350.416636][ T6563] netlink: 48 bytes leftover after parsing attributes in process `syz.5.524'.
[  353.489243][ T6596] netlink: 'syz.2.530': attribute type 10 has an invalid length.
[  353.681101][ T6596] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  354.853607][ T6605] 8021q: adding VLAN 0 to HW filter on device bond1
[  355.025313][ T6610] device bond_slave_0 entered promiscuous mode
[  355.031863][ T6610] device bond_slave_1 entered promiscuous mode
[  355.038142][ T6610] device syz_tun entered promiscuous mode
[  355.173528][ T6610] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  355.232407][ T6610] bond1: (slave macvlan2): unknown ethtool speed (20010) for port 1 (set it to 0)
[  355.329141][ T6610] bond1: (slave macvlan2): speed changed to 0 on port 1
[  355.395026][ T6610] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  355.420789][ T6614] netlink: 48 bytes leftover after parsing attributes in process `syz.6.537'.
[  355.682474][ T5548] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  355.692822][ T6618] loop5: detected capacity change from 0 to 128
[  355.700293][ T6618] FAT-fs (loop5): Unrecognized mount option "­" or missing value
[  356.159845][   T49] Bluetooth: hci3: unexpected subevent 0x0e length: 30 > 15
[  360.330050][ T6670] netlink: 48 bytes leftover after parsing attributes in process `syz.6.550'.
[  361.900937][ T6693] netlink: 80 bytes leftover after parsing attributes in process `syz.0.555'.
[  363.506529][   T49] Bluetooth: hci3: unexpected subevent 0x0e length: 30 > 15
[  364.999387][   T49] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  365.048463][ T6748] netlink: 40 bytes leftover after parsing attributes in process `syz.4.575'.
[  365.566013][ T6748] netlink: 40 bytes leftover after parsing attributes in process `syz.4.575'.
[  367.140112][ T6777] netlink: 48 bytes leftover after parsing attributes in process `syz.0.582'.
[  367.617622][   T49] Bluetooth: hci5: unexpected subevent 0x0e length: 30 > 15
[  369.649819][   T49] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  369.730260][ T6803] netlink: 40 bytes leftover after parsing attributes in process `syz.0.590'.
[  369.856018][ T6803] netlink: 40 bytes leftover after parsing attributes in process `syz.0.590'.
[  371.540028][ T6830] netlink: 48 bytes leftover after parsing attributes in process `syz.6.597'.
[  377.536988][   T49] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[  377.540505][ T6905] netlink: 40 bytes leftover after parsing attributes in process `syz.6.611'.
[  377.781579][ T6905] netlink: 40 bytes leftover after parsing attributes in process `syz.6.611'.
[  379.143830][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  379.150157][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  379.947738][ T6942] capability: warning: `syz.4.625' uses deprecated v2 capabilities in a way that may be insecure
[  382.212498][ T6966] netlink: 40 bytes leftover after parsing attributes in process `syz.5.632'.
[  382.221501][ T6966] netlink: 40 bytes leftover after parsing attributes in process `syz.5.632'.
[  382.897094][   T49] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  384.306498][ T6975] 9pnet_fd: Insufficient options for proto=fd
[  384.499261][ T6977] netlink: 'syz.0.636': attribute type 10 has an invalid length.
[  384.707426][ T6977] bond0: (slave wlan1): Enslaving as an active interface with a down link
[  384.810761][ T6976] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  385.008355][ T6984] syz.6.638 uses obsolete (PF_INET,SOCK_PACKET)
[  387.527595][ T7024] netlink: 40 bytes leftover after parsing attributes in process `syz.2.645'.
[  387.536552][ T7024] netlink: 40 bytes leftover after parsing attributes in process `syz.2.645'.
[  387.570497][   T49] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  391.035814][ T7057] netlink: 48 bytes leftover after parsing attributes in process `syz.0.655'.
[  391.092781][ T7052] netlink: 'syz.2.653': attribute type 10 has an invalid length.
[  391.208228][ T7050] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  391.749666][ T7069] netlink: 40 bytes leftover after parsing attributes in process `syz.0.658'.
[  391.758676][ T7069] netlink: 40 bytes leftover after parsing attributes in process `syz.0.658'.
[  391.816948][   T49] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  394.257890][ T7090] device netdevsim0 entered promiscuous mode
[  395.429992][ T7102] netlink: 48 bytes leftover after parsing attributes in process `syz.0.667'.
[  395.672083][ T7108] netlink: 40 bytes leftover after parsing attributes in process `syz.6.669'.
[  395.681095][ T7108] netlink: 40 bytes leftover after parsing attributes in process `syz.6.669'.
[  395.715467][   T49] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[  400.041455][ T7146] netlink: 48 bytes leftover after parsing attributes in process `syz.2.680'.
[  401.504518][ T7155] device macvtap1 entered promiscuous mode
[  402.709185][ T7178] netlink: 20 bytes leftover after parsing attributes in process `syz.2.689'.
[  402.718204][ T7178] netlink: 20 bytes leftover after parsing attributes in process `syz.2.689'.
[  405.991304][ T7214] netlink: 12 bytes leftover after parsing attributes in process `syz.4.701'.
[  406.179780][ T7216] netlink: 20 bytes leftover after parsing attributes in process `syz.6.703'.
[  406.188774][ T7216] netlink: 20 bytes leftover after parsing attributes in process `syz.6.703'.
[  406.969107][ T4274] Bluetooth: hci5: command 0x0406 tx timeout
[  407.001774][ T7214] 8021q: adding VLAN 0 to HW filter on device bond1
[  411.434379][ T4274] Bluetooth: hci0: unexpected subevent 0x0e length: 30 > 15
[  422.687367][ T7385] netlink: 20 bytes leftover after parsing attributes in process `syz.2.743'.
[  422.696306][ T7385] netlink: 20 bytes leftover after parsing attributes in process `syz.2.743'.
[  424.521669][ T7389] netlink: 4 bytes leftover after parsing attributes in process `syz.6.740'.
[  424.968353][ T7402] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  425.013109][ T7402] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  425.038033][ T7402] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  425.713910][ T7417] delete_channel: no stack
[  427.012718][ T7434] netlink: 40 bytes leftover after parsing attributes in process `syz.2.756'.
[  427.021738][ T7434] netlink: 40 bytes leftover after parsing attributes in process `syz.2.756'.
[  427.055351][ T4274] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  428.359392][ T7448] netlink: 12 bytes leftover after parsing attributes in process `syz.2.760'.
[  431.434930][ T7473] netlink: 40 bytes leftover after parsing attributes in process `syz.6.768'.
[  431.444025][ T7473] netlink: 40 bytes leftover after parsing attributes in process `syz.6.768'.
[  431.483404][ T4274] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[  434.418633][ T7516] netlink: 48 bytes leftover after parsing attributes in process `syz.5.766'.
[  434.444511][   T26] audit: type=1326 audit(1770755914.201:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7515 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b8959bf79 code=0x7ffc0000
[  434.537820][   T26] audit: type=1326 audit(1770755914.201:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7515 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b8959bf79 code=0x7ffc0000
[  435.607170][   T26] audit: type=1326 audit(1770755914.211:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7515 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f8b8959bf79 code=0x7ffc0000
[  436.687842][   T26] audit: type=1326 audit(1770755914.211:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7515 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b8959bf79 code=0x7ffc0000
[  436.786906][   T26] audit: type=1326 audit(1770755914.211:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7515 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b8959bf79 code=0x7ffc0000
[  436.877077][   T26] audit: type=1326 audit(1770755914.211:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7515 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f8b8959bf79 code=0x7ffc0000
[  436.986373][   T26] audit: type=1326 audit(1770755914.211:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7515 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b8959bf79 code=0x7ffc0000
[  437.110464][   T26] audit: type=1326 audit(1770755914.211:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7515 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b8959bf79 code=0x7ffc0000
[  437.216896][   T26] audit: type=1326 audit(1770755914.261:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7515 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f8b8959bf79 code=0x7ffc0000
[  437.306844][   T26] audit: type=1326 audit(1770755914.261:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7515 comm="syz.5.766" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b8959bf79 code=0x7ffc0000
[  438.584850][ T7558] xt_hashlimit: size too large, truncated to 1048576
[  438.603004][ T4274] Bluetooth: hci5: unexpected subevent 0x0e length: 30 > 15
[  440.123339][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  440.129763][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  440.588274][ T7575] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  440.687862][ T7575] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  440.770114][ T7576] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  440.821575][ T7578] netlink: 'syz.5.791': attribute type 10 has an invalid length.
[  441.129397][ T7578] bond0: (slave wlan1): Enslaving as an active interface with a down link
[  443.271845][ T7606] netlink: 20 bytes leftover after parsing attributes in process `syz.5.797'.
[  443.281193][ T7606] netlink: 20 bytes leftover after parsing attributes in process `syz.5.797'.
[  445.478198][ T4274] Bluetooth: hci0: unexpected subevent 0x0e length: 30 > 15
[  447.210545][ T7635] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  447.458073][ T7635] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  447.541531][ T7648] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  447.582183][ T7635] netlink: 'syz.6.805': attribute type 10 has an invalid length.
[  448.168083][ T7655] netlink: 20 bytes leftover after parsing attributes in process `syz.4.809'.
[  448.177264][ T7655] netlink: 20 bytes leftover after parsing attributes in process `syz.4.809'.
[  451.506002][ T4274] Bluetooth: hci1: unexpected subevent 0x0e length: 30 > 15
[  452.763501][ T7713] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  452.870010][ T7713] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  452.908487][ T7713] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  453.025833][ T7713] netlink: 'syz.6.822': attribute type 10 has an invalid length.
[  461.369949][ T7804] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  461.466107][ T7804] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  461.516970][ T7804] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  461.595928][ T7804] netlink: 'syz.0.841': attribute type 10 has an invalid length.
[  462.759409][ T7828] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  462.759409][ T7828] The task syz.6.850 (7828) triggered the difference, watch for misbehavior.
[  464.295419][ T7841] netlink: 24 bytes leftover after parsing attributes in process `syz.4.858'.
[  466.208178][ T7848] netlink: 40 bytes leftover after parsing attributes in process `syz.2.859'.
[  466.217154][ T7848] netlink: 40 bytes leftover after parsing attributes in process `syz.2.859'.
[  466.247264][ T4274] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  467.908022][ T7868] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  468.079864][ T7868] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  468.170937][ T7869] netlink: 'syz.4.864': attribute type 10 has an invalid length.
[  468.367525][ T7869] bond0: (slave wlan1): Enslaving as an active interface with a down link
[  471.505441][ T7897] netlink: 40 bytes leftover after parsing attributes in process `syz.2.872'.
[  471.514557][ T7897] netlink: 40 bytes leftover after parsing attributes in process `syz.2.872'.
[  471.523742][ T4274] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  472.665689][ T7908] netlink: 48 bytes leftover after parsing attributes in process `syz.0.876'.
[  485.415294][ T8105] Core dump to core aborted: cannot preserve file permissions
[  495.447604][ T8239] netlink: 52 bytes leftover after parsing attributes in process `syz.4.989'.
[  498.720584][ T8297] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1004'.
[  502.208941][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  502.215373][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  504.397988][ T8348] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1018'.
[  505.931597][   T26] kauditd_printk_skb: 10 callbacks suppressed
[  505.931609][   T26] audit: type=1326 audit(1770755985.691:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.6.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43ee79bf79 code=0x7ffc0000
[  506.043057][   T26] audit: type=1326 audit(1770755985.721:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.6.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43ee79bf79 code=0x7ffc0000
[  506.162120][   T26] audit: type=1326 audit(1770755985.731:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.6.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f43ee79bf79 code=0x7ffc0000
[  506.290007][   T26] audit: type=1326 audit(1770755985.731:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.6.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43ee79bf79 code=0x7ffc0000
[  507.438473][   T26] audit: type=1326 audit(1770755985.731:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.6.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43ee79bf79 code=0x7ffc0000
[  507.529735][   T26] audit: type=1326 audit(1770755985.731:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.6.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f43ee79bf79 code=0x7ffc0000
[  507.608909][   T26] audit: type=1326 audit(1770755985.731:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.6.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43ee79bf79 code=0x7ffc0000
[  507.738607][   T26] audit: type=1326 audit(1770755985.731:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.6.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f43ee79bf79 code=0x7ffc0000
[  509.908306][ T8384] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1036'.
[  514.394141][ T8415] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1049'.
[  514.907373][ T8421] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1051'.
[  517.285704][   T49] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  517.337791][   T49] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  517.351034][   T49] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  517.359058][   T49] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  517.366674][   T49] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  517.374112][   T49] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  518.889731][ T8431] chnl_net:caif_netlink_parms(): no params data found
[  519.205525][ T8431] bridge0: port 1(bridge_slave_0) entered blocking state
[  519.346974][ T8431] bridge0: port 1(bridge_slave_0) entered disabled state
[  519.366930][ T8431] device bridge_slave_0 entered promiscuous mode
[  519.434311][ T8431] bridge0: port 2(bridge_slave_1) entered blocking state
[  519.466945][ T4274] Bluetooth: hci4: command 0x0409 tx timeout
[  519.473813][ T8431] bridge0: port 2(bridge_slave_1) entered disabled state
[  519.533937][ T8431] device bridge_slave_1 entered promiscuous mode
[  519.668729][ T8457] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1060'.
[  519.692036][ T8431] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  519.781918][ T8431] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  519.873238][ T8459] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1059'.
[  519.965790][ T8431] team0: Port device team_slave_0 added
[  520.980120][ T8431] team0: Port device team_slave_1 added
[  521.289859][ T8431] batman_adv: batadv0: Adding interface: batadv_slave_0
[  521.416820][ T8431] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  521.523358][ T8431] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  521.536919][   T49] Bluetooth: hci4: command 0x041b tx timeout
[  521.642720][ T8431] batman_adv: batadv0: Adding interface: batadv_slave_1
[  521.650605][ T8475] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING
[  521.661083][ T8431] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  521.771951][ T8431] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  522.414697][ T8431] device hsr_slave_0 entered promiscuous mode
[  522.459227][ T8431] device hsr_slave_1 entered promiscuous mode
[  522.533399][ T8431] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  522.581723][ T8431] Cannot create hsr debugfs directory
[  522.722197][ T5532] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.974714][ T5532] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.018001][ T8488] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1071'.
[  523.132190][ T8488] device hsr_slave_0 left promiscuous mode
[  523.179028][ T8488] device hsr_slave_1 left promiscuous mode
[  523.442169][ T5532] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.617133][   T49] Bluetooth: hci4: command 0x040f tx timeout
[  524.592999][ T8501] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1076'.
[  524.602083][ T8501] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1076'.
[  524.647163][ T4274] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  524.851947][ T5532] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  525.385299][ T8505] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1075'.
[  525.697018][ T4274] Bluetooth: hci4: command 0x0419 tx timeout
[  525.989889][ T8431] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  526.297468][ T8431] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  526.357329][ T8431] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  526.713614][ T8431] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  528.935238][ T8431] 8021q: adding VLAN 0 to HW filter on device bond0
[  529.203234][ T8431] 8021q: adding VLAN 0 to HW filter on device team0
[  529.387200][ T8560] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1090'.
[  529.531920][ T8562] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1092'.
[  530.650990][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  531.567774][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  531.585901][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  531.627433][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  531.657291][ T4352] bridge0: port 1(bridge_slave_0) entered blocking state
[  531.664481][ T4352] bridge0: port 1(bridge_slave_0) entered forwarding state
[  531.847363][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  531.867156][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  531.896502][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  531.923706][ T4352] bridge0: port 2(bridge_slave_1) entered blocking state
[  531.930944][ T4352] bridge0: port 2(bridge_slave_1) entered forwarding state
[  531.946577][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  531.979258][ T8587] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1087'.
[  531.988315][ T8587] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1087'.
[  532.052333][   T49] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  533.026976][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888055c05000: rx timeout, send abort
[  533.156954][    C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff888055c05000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  533.756657][ T8606] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1104'.
[  533.991407][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  534.014784][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  534.058574][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  534.081829][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  534.097946][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  534.114410][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  534.125393][ T8603] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1103'.
[  534.138489][ T5550] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  534.177432][ T5550] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  534.384642][ T5532] bond0: (slave wlan1): Releasing backup interface
[  534.435671][ T8431] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  534.490505][ T8431] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  534.559799][ T5550] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  534.573602][ T5550] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  534.657324][ T8626] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1111'.
[  534.666380][ T8626] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1111'.
[  534.777043][   T49] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[  535.064172][ T8635] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1114'.
[  535.307727][ T8641] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1116'.
[  536.206644][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  536.244499][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  536.272770][ T8431] 8021q: adding VLAN 0 to HW filter on device batadv0
[  536.368301][ T5532] device hsr_slave_0 left promiscuous mode
[  536.413923][ T5532] device hsr_slave_1 left promiscuous mode
[  536.435232][ T5532] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  536.486568][ T5532] batman_adv: batadv0: Removing interface: batadv_slave_0
[  536.527752][ T5532] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  536.545434][ T5532] batman_adv: batadv0: Removing interface: batadv_slave_1
[  536.585076][ T5532] device bridge_slave_1 left promiscuous mode
[  536.603454][ T5532] bridge0: port 2(bridge_slave_1) entered disabled state
[  536.625602][ T5532] device bridge_slave_0 left promiscuous mode
[  536.668123][ T5532] bridge0: port 1(bridge_slave_0) entered disabled state
[  536.761097][ T5532] device veth1_macvtap left promiscuous mode
[  536.778867][ T5532] device veth0_macvtap left promiscuous mode
[  536.800078][ T5532] device veth1_vlan left promiscuous mode
[  536.815260][ T5532] device veth0_vlan left promiscuous mode
[  537.843375][ T5532] team0 (unregistering): Port device team_slave_1 removed
[  537.898861][ T5532] team0 (unregistering): Port device team_slave_0 removed
[  538.905802][ T5532] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  538.988724][ T5532] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  539.454560][ T5532] bond0 (unregistering): Released all slaves
[  539.562582][ T8671] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1128'.
[  539.591143][ T8693] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1134'.
[  543.297019][ T8762] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1153'.
[  543.453562][ T5552] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  543.487197][ T5552] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  543.611682][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  543.638393][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  543.676656][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  543.708656][ T4323] kernel write not supported for file bpf-map (pid: 4323 comm: kworker/0:5)
[  543.715827][ T4516] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  543.763886][ T8431] device veth0_vlan entered promiscuous mode
[  543.816157][ T8431] device veth1_vlan entered promiscuous mode
[  543.913540][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  543.931706][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  543.955656][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  543.987485][ T4352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  544.025476][ T8431] device veth0_macvtap entered promiscuous mode
[  544.068849][ T8431] device veth1_macvtap entered promiscuous mode
[  544.141014][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  544.211070][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  544.229256][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  544.258285][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  544.291821][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  544.326898][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  544.357354][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  544.376560][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  544.411300][ T8431] batman_adv: batadv0: Interface activated: batadv_slave_0
[  544.440650][ T5560] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  544.497616][ T5560] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  544.528466][ T5560] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  544.557458][ T5560] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  544.593818][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  545.506176][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  545.546045][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  545.638238][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  545.679911][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  545.732359][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  545.865936][ T8431] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  545.930268][ T8431] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  546.005831][ T8431] batman_adv: batadv0: Interface activated: batadv_slave_1
[  546.287647][ T8431] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  546.356030][ T8431] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  546.405972][ T8431] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  546.461596][ T8431] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  546.841853][ T4516] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  546.875238][ T4516] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  546.968507][ T5560] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  546.988265][ T5560] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  547.154041][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  547.199012][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  547.257722][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  547.319383][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  547.763332][ T8820] loop7: detected capacity change from 0 to 1024
[  547.802795][ T8820] EXT4-fs: inline encryption not supported
[  547.860280][ T8820] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  547.975269][ T8820] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  549.293798][ T8431] EXT4-fs (loop7): unmounting filesystem.
[  550.665748][ T8856] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1165'.
[  551.363971][ T8876] loop7: detected capacity change from 0 to 256
[  551.433166][ T8876] FAT-fs (loop7): Directory bread(block 1285) failed
[  551.494086][ T8876] FAT-fs (loop7): Directory bread(block 1285) failed
[  551.531879][ T8876] FAT-fs (loop7): Directory bread(block 1285) failed
[  551.574745][ T8876] FAT-fs (loop7): Directory bread(block 1285) failed
[  552.915411][ T8892] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1191'.
[  555.583241][ T8943] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1204'.
[  558.896272][ T8987] loop7: detected capacity change from 0 to 256
[  558.953936][ T8987] FAT-fs (loop7): Unrecognized mount option "uid=þu5¬}�[9·A�A±xÛˆô�0L0x0000000000000000" or missing value
[  561.800742][ T9015] netlink: 16090 bytes leftover after parsing attributes in process `syz.0.1224'.
[  563.407479][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  563.413862][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  569.551403][ T9091] loop7: detected capacity change from 0 to 256
[  569.572789][ T9091] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[  569.601763][ T9091] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  574.037788][ T9132] Can't find ip_set type hash:ip,
[  577.835017][ T9189] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1267'.
[  579.693317][ T9238] 9pnet_fd: Insufficient options for proto=fd
[  579.745664][ T9105] Set syz1 is full, maxelem 65536 reached
[  579.868904][ T9244] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  579.946870][ T9244] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  579.962954][ T9244] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  579.999534][ T9244] netlink: 'syz.6.1283': attribute type 10 has an invalid length.
[  581.563420][ T9296] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  581.722184][ T9296] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  581.739194][ T9296] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  581.796428][ T9296] loop7: detected capacity change from 0 to 512
[  581.897207][ T9296] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  581.906243][ T9296] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  582.108040][ T9296] netlink: 'syz.7.1305': attribute type 10 has an invalid length.
[  582.290064][ T9296] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  582.985408][ T8431] EXT4-fs (loop7): unmounting filesystem.
[  585.896031][ T9359] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  585.980300][ T9359] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  586.016535][ T9359] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  586.099967][ T9359] netlink: 'syz.0.1321': attribute type 10 has an invalid length.
[  586.842714][ T9376] device syzkaller1 entered promiscuous mode
[  588.263558][ T9273] Set syz1 is full, maxelem 65536 reached
[  588.551503][ T9400] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1335'.
[  588.560702][ T9400] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1335'.
[  588.595419][   T49] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[  589.645408][ T9405] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  590.070597][ T9414] loop7: detected capacity change from 0 to 128
[  590.078211][ T9414] FAT-fs (loop7): Unrecognized mount option "L" or missing value
[  590.623857][ T9416] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  590.668041][ T9237] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  590.687796][ T9405] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  590.738764][ T9416] netlink: 'syz.0.1336': attribute type 10 has an invalid length.
[  592.058801][ T9432] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1343'.
[  592.776494][ T9442] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1347'.
[  592.786073][ T9442] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1347'.
[  592.856851][   T49] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  594.193763][ T9461] netlink: 'syz.0.1353': attribute type 1 has an invalid length.
[  594.316534][ T9461] 8021q: adding VLAN 0 to HW filter on device bond2
[  594.414424][ T9464] device macvlan2 entered promiscuous mode
[  594.458716][ T9464] device bond2 entered promiscuous mode
[  594.480340][ T9464] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  594.523214][ T9464] device bond2 left promiscuous mode
[  594.728879][ T9474] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  594.748239][ T9461] bond2: (slave ip6gretap1): making interface the new active one
[  594.848363][ T9474] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  594.859362][ T9461] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  594.931021][ T9469] device macvlan2 entered promiscuous mode
[  594.962387][ T9469] device bond2 entered promiscuous mode
[  594.976997][ T9469] device ip6gretap1 entered promiscuous mode
[  594.983772][ T9478] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  594.997504][ T9469] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  595.027105][ T9469] bond2: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of ip6gretap1
[  595.080808][ T9469] device bond2 left promiscuous mode
[  595.086258][ T9469] device ip6gretap1 left promiscuous mode
[  595.227639][ T5532] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  595.247385][ T9478] netlink: 'syz.7.1356': attribute type 10 has an invalid length.
[  595.436446][ T9488] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1359'.
[  595.445801][ T9488] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1359'.
[  595.480333][   T49] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[  598.284579][ T9542] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  598.817714][ T9544] netlink: 'syz.2.1373': attribute type 10 has an invalid length.
[  598.884064][ T9548] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  602.011669][ T9601] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1394'.
[  603.867196][ T9632] capability: warning: `syz.6.1399' uses 32-bit capabilities (legacy support in use)
[  603.891041][ T9631] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1405'.
[  603.900127][ T9631] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1405'.
[  603.934053][   T49] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  605.144559][ T9646] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1410'.
[  606.485324][ T9681] netlink: 64 bytes leftover after parsing attributes in process `syz.7.1423'.
[  606.709683][ T9689] netlink: 92 bytes leftover after parsing attributes in process `syz.7.1426'.
[  606.723027][ T9688] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1425'.
[  608.161206][ T9721] netlink: 48 bytes leftover after parsing attributes in process `syz.7.1438'.
[  609.202593][ T9757] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1451'.
[  611.197732][ T9783] netlink: 14 bytes leftover after parsing attributes in process `syz.7.1461'.
[  611.414045][ T9783] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  611.495645][ T9783] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  611.598364][ T9783] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  611.678286][ T9783] bond0 (unregistering): Released all slaves
[  618.777368][ T9884] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1489'.
[  618.786409][ T9884] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1489'.
[  618.795461][    C1] vxcan1: j1939_tp_rxtimer: 0xffff88802f0de000: rx timeout, send abort
[  618.796048][    C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff88802f0de000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  618.844083][   T49] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  619.885515][ T9893] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1493'.
[  623.417806][ T9914] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1499'.
[  623.583695][ T9917] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1500'.
[  623.592781][ T9917] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1500'.
[  623.627004][   T49] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  624.236979][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  624.267935][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  624.330408][ T9915] process '/newroot/304/file0' started with executable stack
[  625.597488][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888056335400: rx timeout, send abort
[  625.606060][    C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff888056335400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  626.856090][ T9942] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1511'.
[  628.698816][ T9949] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1514'.
[  628.778640][ T9951] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1513'.
[  628.787732][ T9951] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1513'.
[  628.827377][   T49] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  631.417262][ T9984] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1527'.
[  631.803937][ T9994] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1530'.
[  631.852906][ T9994] device hsr_slave_0 left promiscuous mode
[  631.889857][ T9994] device hsr_slave_1 left promiscuous mode
[  640.329778][T10083] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1551'.
[  640.433712][T10083] device hsr_slave_0 left promiscuous mode
[  640.489268][T10083] device hsr_slave_1 left promiscuous mode
[  641.777060][   T49] Bluetooth: hci4: command 0x0406 tx timeout
[  642.482598][T10101] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  642.569040][T10109] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  642.797974][T10101] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  642.844100][T10101] netlink: 'syz.7.1570': attribute type 10 has an invalid length.
[  643.596579][T10122] xt_l2tp: v2 tid > 0xffff: 37482740
[  643.740082][    C0] vxcan1: j1939_tp_rxtimer: 0xffff8880576ef800: rx timeout, send abort
[  643.748899][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff8880576ef800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  644.383973][T10153] team0 (unregistering): Port device team_slave_0 removed
[  644.673139][T10153] team0 (unregistering): Port device team_slave_1 removed
[  644.703151][T10160] device veth0_to_team entered promiscuous mode
[  645.565794][T10186] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1607'.
[  645.596088][T10186] device hsr_slave_0 left promiscuous mode
[  645.627460][T10186] device hsr_slave_1 left promiscuous mode
[  646.286069][    C1] vxcan1: j1939_tp_rxtimer: 0xffff8880757ee000: rx timeout, send abort
[  646.383050][    C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff8880757ee000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  647.964905][T10212] xt_hashlimit: max too large, truncated to 1048576
[  648.021957][T10212] No such timeout policy "syz1"
[  648.902479][T10225] 9pnet_fd: Insufficient options for proto=fd
[  649.458043][T10241] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1631'.
[  651.808661][T10272] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  651.993547][T10275] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  652.026967][T10272] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  652.054308][T10272] netlink: 'syz.2.1642': attribute type 10 has an invalid length.
[  653.597318][T10313] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  653.829311][T10313] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  653.850045][T10313] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  653.893225][T10313] netlink: 'syz.4.1659': attribute type 10 has an invalid length.
[  654.893396][    C1] vxcan1: j1939_tp_rxtimer: 0xffff888056f8ec00: rx timeout, send abort
[  654.902932][    C1] vxcan1: j1939_xtp_rx_abort_one: 0xffff888056f8ec00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  655.029256][T10341] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1671'.
[  655.137260][T10343] Illegal XDP return value 4291029880 on prog  (id 77) dev N/A, expect packet loss!
[  655.278120][T10349] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1674'.
[  655.288639][T10349] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1674'.
[  655.299289][T10349] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1674'.
[  655.386180][T10351] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1676'.
[  655.396524][T10351] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1676'.
[  655.400241][T10347] netlink: 'syz.2.1670': attribute type 29 has an invalid length.
[  655.411664][T10351] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1676'.
[  655.424354][T10351] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1676'.
[  655.666849][T10347] netlink: 'syz.2.1670': attribute type 29 has an invalid length.
[  655.736467][T10357] netlink: 'syz.2.1670': attribute type 29 has an invalid length.
[  656.094150][T10361] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  656.162285][T10361] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  656.294921][T10369] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  656.498933][T10361] netlink: 'syz.0.1678': attribute type 10 has an invalid length.
[  656.703154][T10373] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1683'.
[  657.027818][T10381] netlink: 4595 bytes leftover after parsing attributes in process `syz.4.1687'.
[  658.556904][   T49] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[  660.572215][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888026504c00: rx timeout, send abort
[  660.589199][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff888026504c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  660.948740][T10412] __nla_validate_parse: 5 callbacks suppressed
[  660.948760][T10412] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1698'.
[  663.833112][T10446] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1710'.
[  664.091779][T10450] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1712'.
[  664.136787][T10450] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1712'.
[  667.335228][T10482] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1724'.
[  667.386924][T10482] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1724'.
[  669.523180][T10503] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1731'.
[  669.892966][   T49] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  670.910789][T10516] bridge0: port 1(bridge_slave_0) entered disabled state
[  670.979641][T10517] bridge0: port 1(bridge_slave_0) entered blocking state
[  670.986926][T10517] bridge0: port 1(bridge_slave_0) entered forwarding state
[  671.254948][T10520] netlink: 'syz.0.1736': attribute type 6 has an invalid length.
[  671.417081][T10523] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1737'.
[  671.426128][T10523] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1737'.
[  671.478999][T10524] netlink: 'syz.7.1738': attribute type 10 has an invalid length.
[  671.512192][T10524] team0: Port device wlan1 added
[  672.936005][T10539] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1742'.
[  673.024682][T10542] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1743'.
[  676.630849][T10574] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1757'.
[  676.747353][T10577] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1756'.
[  678.722319][T10599] netlink: 'syz.7.1764': attribute type 10 has an invalid length.
[  678.824975][T10599] team0: Port device macvlan0 added
[  679.737332][T10602] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1766'.
[  679.994689][T10610] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1769'.
[  681.641687][T10637] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1779'.
[  683.535787][T10650] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1781'.
[  685.747796][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  685.754227][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  685.981324][T10686] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  686.027422][T10689] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1795'.
[  686.091936][T10686] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  686.154964][T10686] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  686.985628][T10711] netlink: 132 bytes leftover after parsing attributes in process `syz.6.1806'.
[  689.811572][T10726] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1808'.
[  689.915596][T10730] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1809'.
[  692.336996][T10743] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  693.737173][T10753] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  697.623737][T10773] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1822'.
[  697.657729][   T49] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  701.664037][T10811] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  701.835724][T10811] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  702.728448][T10811] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  702.974520][T10824] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1832'.
[  703.530891][T10823] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1836'.
[  703.566846][   T49] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  707.331788][T10845] netlink: 48 bytes leftover after parsing attributes in process `syz.6.1824'.
[  709.179474][T10876] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  709.749674][T10883] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1849'.
[  709.800007][T10876] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  710.405137][T10882] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  710.686677][T10898] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1854'.
[  713.945367][T10952] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1871'.
[  714.100205][T10955] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  714.173911][T10955] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  714.207150][T10955] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  714.960332][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88807dc65c00: rx timeout, send abort
[  714.969114][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff88807dc65c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  717.832733][T11000] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1889'.
[  718.817470][T11013] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  718.898597][T11013] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  718.916313][T11013] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  720.037688][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88805644a400: rx timeout, send abort
[  720.046214][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff88805644a400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  721.707400][T11051] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1907'.
[  726.588279][T11086] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  727.787417][T11086] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  729.222902][T11112] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1926'.
[  729.239502][T11112] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1926'.
[  729.266869][T11112] device hsr_slave_0 left promiscuous mode
[  729.414178][T11112] device hsr_slave_1 left promiscuous mode
[  730.881922][T11138] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  730.989928][T11138] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  731.036742][T11138] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  731.176408][T11155] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1945'.
[  732.699484][T11175] tmpfs: Unknown parameter 'grpquota'
[  735.789002][T11204] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  735.904966][T11204] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  735.951439][T11204] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  736.983724][T11216] overlayfs: failed to clone upperpath
[  738.277024][T11239] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  738.349982][T11239] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  738.395094][T11239] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  738.626086][T11248] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1979'.
[  742.275766][T11270] netlink: 84 bytes leftover after parsing attributes in process `syz.7.1987'.
[  742.711745][T11284] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1991'.
[  743.496862][T11291] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  743.583453][T11292] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  743.710676][T11184] Set syz1 is full, maxelem 65536 reached
[  746.814958][T11324] overlayfs: failed to clone upperpath
[  746.945584][T11326] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2006'.
[  747.060750][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[  747.077731][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[  750.919314][T11364] 
[  750.921723][T11364] ======================================================
[  750.928772][T11364] WARNING: possible circular locking dependency detected
[  750.935846][T11364] syzkaller #0 Not tainted
[  750.940294][T11364] ------------------------------------------------------
[  750.947348][T11364] syz.7.2016/11364 is trying to acquire lock:
[  750.953449][T11364] ffff88807bec4d00 (team->team_lock_key#8){+.+.}-{3:3}, at: team_del_slave+0x2e/0x1c0
[  750.963126][T11364] 
[  750.963126][T11364] but task is already holding lock:
[  750.970522][T11364] ffff8880652b07c8 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: nl80211_del_interface+0x112/0x130
[  750.980424][T11364] 
[  750.980424][T11364] which lock already depends on the new lock.
[  750.980424][T11364] 
[  750.990857][T11364] 
[  750.990857][T11364] the existing dependency chain (in reverse order) is:
[  750.999896][T11364] 
[  750.999896][T11364] -> #1 (&rdev->wiphy.mtx){+.+.}-{3:3}:
[  751.007654][T11364]        __mutex_lock+0x12d/0xaf0
[  751.012708][T11364]        ieee80211_open+0x140/0x200
[  751.017948][T11364]        __dev_open+0x2c7/0x430
[  751.022827][T11364]        dev_open+0xa7/0x180
[  751.027442][T11364]        team_add_slave+0x6e5/0x2870
[  751.032752][T11364]        do_setlink+0xd3a/0x3e60
[  751.037719][T11364]        rtnl_newlink+0x177c/0x2080
[  751.043033][T11364]        rtnetlink_rcv_msg+0x87c/0xfc0
[  751.048517][T11364]        netlink_rcv_skb+0x1fb/0x450
[  751.053834][T11364]        netlink_unicast+0x74d/0x8d0
[  751.059147][T11364]        netlink_sendmsg+0x8ad/0xbd0
[  751.064461][T11364]        ____sys_sendmsg+0x5be/0x970
[  751.069772][T11364]        ___sys_sendmsg+0x2a2/0x360
[  751.075006][T11364]        __se_sys_sendmsg+0x1bb/0x2a0
[  751.080410][T11364]        do_syscall_64+0x4c/0xa0
[  751.085370][T11364]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  751.091812][T11364] 
[  751.091812][T11364] -> #0 (team->team_lock_key#8){+.+.}-{3:3}:
[  751.100006][T11364]        __lock_acquire+0x2d07/0x7d10
[  751.105409][T11364]        lock_acquire+0x1bb/0x4a0
[  751.110467][T11364]        __mutex_lock+0x12d/0xaf0
[  751.115519][T11364]        team_del_slave+0x2e/0x1c0
[  751.120660][T11364]        team_device_event+0x391/0x9c0
[  751.126145][T11364]        raw_notifier_call_chain+0xcb/0x160
[  751.132060][T11364]        unregister_netdevice_many+0x1086/0x1930
[  751.138425][T11364]        unregister_netdevice_queue+0x324/0x370
[  751.144695][T11364]        _cfg80211_unregister_wdev+0x177/0x590
[  751.150878][T11364]        ieee80211_if_remove+0x1bd/0x2c0
[  751.156563][T11364]        ieee80211_del_iface+0x15/0x20
[  751.162046][T11364]        cfg80211_remove_virtual_intf+0x243/0x450
[  751.168505][T11364]        genl_family_rcv_msg_doit+0x22a/0x330
[  751.174608][T11364]        genl_rcv_msg+0x604/0x790
[  751.179660][T11364]        netlink_rcv_skb+0x1fb/0x450
[  751.184969][T11364]        genl_rcv+0x24/0x40
[  751.189502][T11364]        netlink_unicast+0x74d/0x8d0
[  751.194822][T11364]        netlink_sendmsg+0x8ad/0xbd0
[  751.200138][T11364]        ____sys_sendmsg+0x5be/0x970
[  751.205461][T11364]        ___sys_sendmsg+0x2a2/0x360
[  751.210692][T11364]        __se_sys_sendmsg+0x1bb/0x2a0
[  751.216098][T11364]        do_syscall_64+0x4c/0xa0
[  751.221065][T11364]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  751.227510][T11364] 
[  751.227510][T11364] other info that might help us debug this:
[  751.227510][T11364] 
[  751.237753][T11364]  Possible unsafe locking scenario:
[  751.237753][T11364] 
[  751.245268][T11364]        CPU0                    CPU1
[  751.250653][T11364]        ----                    ----
[  751.256030][T11364]   lock(&rdev->wiphy.mtx);
[  751.260562][T11364]                                lock(team->team_lock_key#8);
[  751.268079][T11364]                                lock(&rdev->wiphy.mtx);
[  751.275156][T11364]   lock(team->team_lock_key#8);
[  751.280125][T11364] 
[  751.280125][T11364]  *** DEADLOCK ***
[  751.280125][T11364] 
[  751.288282][T11364] 3 locks held by syz.7.2016/11364:
[  751.293500][T11364]  #0: ffffffff8dda6490 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40
[  751.301719][T11364]  #1: ffffffff8dd46268 (rtnl_mutex){+.+.}-{3:3}, at: nl80211_pre_doit+0x5b/0x930
[  751.310985][T11364]  #2: ffff8880652b07c8 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: nl80211_del_interface+0x112/0x130
[  751.321291][T11364] 
[  751.321291][T11364] stack backtrace:
[  751.327219][T11364] CPU: 1 PID: 11364 Comm: syz.7.2016 Not tainted syzkaller #0
[  751.334691][T11364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  751.344772][T11364] Call Trace:
[  751.348081][T11364]  <TASK>
[  751.351028][T11364]  dump_stack_lvl+0x188/0x24e
[  751.355741][T11364]  ? load_image+0x400/0x400
[  751.360270][T11364]  ? show_regs_print_info+0x12/0x12
[  751.365503][T11364]  ? print_circular_bug+0x12b/0x1a0
[  751.370733][T11364]  check_noncircular+0x296/0x330
[  751.375701][T11364]  ? add_chain_block+0x940/0x940
[  751.380674][T11364]  ? lockdep_lock+0xf1/0x1f0
[  751.385291][T11364]  ? _find_first_zero_bit+0xcf/0x100
[  751.390602][T11364]  __lock_acquire+0x2d07/0x7d10
[  751.395493][T11364]  ? __lock_acquire+0x28c4/0x7d10
[  751.400585][T11364]  ? verify_lock_unused+0x140/0x140
[  751.405818][T11364]  ? verify_lock_unused+0x140/0x140
[  751.411046][T11364]  ? __up_read+0x2b2/0x6b0
[  751.415499][T11364]  lock_acquire+0x1bb/0x4a0
[  751.420056][T11364]  ? team_del_slave+0x2e/0x1c0
[  751.424847][T11364]  ? __might_sleep+0xd0/0xd0
[  751.429459][T11364]  ? read_lock_is_recursive+0x10/0x10
[  751.434868][T11364]  __mutex_lock+0x12d/0xaf0
[  751.439405][T11364]  ? team_del_slave+0x2e/0x1c0
[  751.444239][T11364]  ? __lock_acquire+0x7d10/0x7d10
[  751.449412][T11364]  ? trace_contention_end+0x5f/0x170
[  751.454773][T11364]  ? __mutex_lock+0x1ab/0xaf0
[  751.459478][T11364]  ? team_del_slave+0x2e/0x1c0
[  751.464267][T11364]  ? mutex_lock_nested+0x10/0x10
[  751.469244][T11364]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  751.474931][T11364]  ? memset+0x1e/0x40
[  751.478971][T11364]  team_del_slave+0x2e/0x1c0
[  751.483590][T11364]  team_device_event+0x391/0x9c0
[  751.488555][T11364]  ? xsk_notifier+0x20d/0x220
[  751.493265][T11364]  raw_notifier_call_chain+0xcb/0x160
[  751.498664][T11364]  unregister_netdevice_many+0x1086/0x1930
[  751.504504][T11364]  ? alloc_netdev_mqs+0xf00/0xf00
[  751.509559][T11364]  ? kernfs_remove_by_name_ns+0x113/0x150
[  751.515304][T11364]  ? __lock_acquire+0x7d10/0x7d10
[  751.520368][T11364]  unregister_netdevice_queue+0x324/0x370
[  751.526115][T11364]  ? list_netdevice+0x6c0/0x6c0
[  751.530988][T11364]  ? kernfs_remove_by_name_ns+0x113/0x150
[  751.536738][T11364]  _cfg80211_unregister_wdev+0x177/0x590
[  751.542419][T11364]  ieee80211_if_remove+0x1bd/0x2c0
[  751.547575][T11364]  ieee80211_del_iface+0x15/0x20
[  751.552532][T11364]  cfg80211_remove_virtual_intf+0x243/0x450
[  751.558459][T11364]  genl_family_rcv_msg_doit+0x22a/0x330
[  751.564044][T11364]  ? end_current_label_crit_section+0x170/0x170
[  751.570310][T11364]  ? genl_family_rcv_msg_dumpit+0x3c0/0x3c0
[  751.576240][T11364]  ? bpf_lsm_capable+0x5/0x10
[  751.580940][T11364]  ? security_capable+0x85/0xb0
[  751.585811][T11364]  genl_rcv_msg+0x604/0x790
[  751.590347][T11364]  ? genl_bind+0x360/0x360
[  751.594792][T11364]  ? nl80211_new_interface+0xfa0/0xfa0
[  751.600287][T11364]  netlink_rcv_skb+0x1fb/0x450
[  751.605079][T11364]  ? genl_bind+0x360/0x360
[  751.609527][T11364]  ? netlink_ack+0x1170/0x1170
[  751.614338][T11364]  ? down_read+0x1a8/0x2d0
[  751.618780][T11364]  genl_rcv+0x24/0x40
[  751.622790][T11364]  netlink_unicast+0x74d/0x8d0
[  751.627584][T11364]  netlink_sendmsg+0x8ad/0xbd0
[  751.632376][T11364]  ? netlink_getsockopt+0x550/0x550
[  751.637609][T11364]  ? aa_sock_msg_perm+0x94/0x150
[  751.642586][T11364]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  751.647899][T11364]  ? security_socket_sendmsg+0x7c/0xa0
[  751.653394][T11364]  ? netlink_getsockopt+0x550/0x550
[  751.658642][T11364]  ____sys_sendmsg+0x5be/0x970
[  751.663443][T11364]  ? __sys_sendmsg_sock+0x30/0x30
[  751.668502][T11364]  ? __import_iovec+0x315/0x500
[  751.673383][T11364]  ? import_iovec+0x6f/0xa0
[  751.677910][T11364]  ___sys_sendmsg+0x2a2/0x360
[  751.682632][T11364]  ? try_to_wake_up+0x67c/0x1080
[  751.687617][T11364]  ? __sys_sendmsg+0x290/0x290
[  751.692447][T11364]  __se_sys_sendmsg+0x1bb/0x2a0
[  751.697354][T11364]  ? __x64_sys_sendmsg+0x80/0x80
[  751.702321][T11364]  ? lockdep_hardirqs_on+0x94/0x140
[  751.707542][T11364]  do_syscall_64+0x4c/0xa0
[  751.711983][T11364]  ? clear_bhb_loop+0x60/0xb0
[  751.716684][T11364]  ? clear_bhb_loop+0x60/0xb0
[  751.721384][T11364]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  751.727353][T11364] RIP: 0033:0x7f1167d9bf79
[  751.731795][T11364] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  751.751433][T11364] RSP: 002b:00007f1168c48028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  751.759879][T11364] RAX: ffffffffffffffda RBX: 00007f1168015fa0 RCX: 00007f1167d9bf79
[  751.767875][T11364] RDX: 0000000020004080 RSI: 0000200000000240 RDI: 000000000000000a
[  751.775876][T11364] RBP: 00007f1167e327e0 R08: 0000000000000000 R09: 0000000000000000
[  751.783871][T11364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  751.791865][T11364] R13: 00007f1168016038 R14: 00007f1168015fa0 R15: 00007ffdec745728
[  751.799871][T11364]  </TASK>
[  751.827507][T11364] team0: Port device wlan1 removed