last executing test programs:

7m26.401309222s ago: executing program 2 (id=383):
lchown(&(0x7f0000000440)='./cgroup/cgroup.procs\x00', 0xffffffffffffffff, 0x0)
sendmsg$DEVLINK_CMD_SB_GET(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000280)='./file0\x00', 0x8000, &(0x7f0000000140)=ANY=[@ANYRES16=0x0], 0x11, 0xb0d, &(0x7f0000000d80)="$eJzs3U2sXFUBAOAz8968H1roFAs8C/IjCKjwCq9P/Gm0JRATCSXGDQlx05SCjbUmYqISEtuuTYSQalz5E1dsCBoT2ZimKzck0oSYsEIXmtDUSOJCq+2YN3POvDuHmXdn3s/MvM73JXfOnHvuvefcO3fu/z0nABOr2vxcXl6ohHD2zVcff//ev82v9DnYHqLe/JwuxGohhEqMT2fTe2+qFV754KWj3cJKWGp+pnh46lJ73B0hhFPhznAu1MPesxdeeWvpycOnnzhz19uvHbi4NXMPAACT5avnDizf9Jc/3br78uu3Hwqz7f7p+Lwe4zvjcf+heOCfjv+roTNeKXRFM9lw07GrzncON9VluGI+tWy46RAa3fKfyfKv9SjnbFg7/6lCv27zDdtZWo/roVJd7IhXq4uLrXPy0Dyvn6ksnjx+4rkXRlRQYNP9644Qwp2F7rEznfFx6w6OQRnW2TXGoAzbsjs0vLwuN1pGPs9D6hq7Rr0FAmjJ7xd+yKn8ysLG5FMry//So9U1x4eNGPb632l27fxntjr/Neb/nvOtcFT5JyPO/9enbXHYPNfq2pTmK/2PdsZ4fh8hf36p9/8vv9PR2Xcqm16c/lxZOXvdR9gu9xd6lXNqyOVYr17lz9eLa9UXY5iWw5ey9OL/J/9Nt8tvDHT37/z6v043bl3aGY+6HOPSdS6L2kam1RjhtgcYb/lzc410fzTKn+vL02dL0udK0udL0q8rSd9Rkg6T7Lff/XF4ubJ6np+f0w96PTxdZ7s+hjcMWJ5B78fl+efP/Q5qo/nnzxPDOPv9kaePfe7ZZy60nv+vtNf/q3F9T6cb9fjfOhcHSNcL8+vq7Wf/6535VLsO9/dwY1ae67sM3/y+p3O4Sivevkx7Q69yLHSOt6vXcLd1DlfPhpuPXX5BPz8+uS4bLx1/pO1qWl7T2fzWsvmYycqRtiu7Y7hSjh+9H2BD0vrY4/n/9s5tIdQqzx0/ceyhGE/r6R+narMr/R8ebrGBTdDv+z8LofP9n53t/rVqcbuwa7V/pbVdeCNOr7P/Ujufzv77Yzzt574xNd/sv3j02yee3fzZh4n2wg9e/OaREyeOfWdrvoTqVk15jL58eTyKMciXdNoyLuWZqC8r+9gxKEbJlxFvmIAtt++HrYOAB49/68jzx54/dnL/I4/sX1p65PP7l/c1j+v3FY/ui06NoLTAZlrd6a893I5hFQgAAAAAAAAAAAAo9b0nHr/wzvnPvtt6/3/1/b/0/n968rf1/v9qXRfVQv/QpXbc9B7g7i7pzWGyClZnsuFqsftIVt49WT43ZePdHMN2O37x/f+UXV6vayrPLVn/Wo9oVp3Ah+pLmcnqIMnbC/x4DM/E8FcBRqgy3713DLvVb138b6R1PdVPUagfo6F+4O0j/W5pbUj1mKTnvrvW61T4sXcPoYxsvmG8TjjqeQS6+8dE1f/9z9UZH6i+5foYlH2Suunh5vezdawTA3aN2a2d/uF1lr/R8yi9tvUbH4CCkbX/GS8MpuueKTz5h6/MrXRpsEuPdm4v8/pLYRB/fqczPu7tT251/nm7fcPOf9TzP+z2P9vt3/W9/ctazKuvL9///Pziu4Vsw95+88/nP94QquwZLP/LMf80N/eF/vJv/DLLP78h1Kf/Zvlf10f+Xeu2v63/PH9a+P6/mH9abPffXZ5/aC7/Vokrc53LIb9unO7/5deNkyvZ/Ke6PdfI/2svdvv919lQ49WYP0yy7dLO7KCy44j2Qfv62/+NTg3U/m//hc02a/lzGJ+J8bQhTs855PuEQcufnq9I+4GbsulXSvZv62n/d5waX5r09n+/EMOy/0Nq/zetj/W4yy/Em8syxWtdlu21uq2B7eq9ibr/ty26ub6Gq/UxTBj5vExC15hax3jtduJGXP5Go7G1F7RKjDRzRr78C+cJd4w4/5EY9fIvk7f/mz/3n7f/mx/j5+3/5ul5+795+nz8hXql5+3/5sszb/83T78lm27ePvBCSfpHS9L3dk9vn7bfWjL+bSXpHytJv6udfrBjiJR+e8n4d/RKj3NwY8n4d5ek31OS/omS9HvXSH9gZwj3F9KLbUCn8T9ZMv1rXXofZVLnHyZZ/n5e7///zcMsFjAE6f5Pr///npJ0YPv6yesPP/bMb75eb73/P9O+HpLu4x2K8Vo8f/p+jOf3vUMhvpJ2Psb/mqWP+/UOmCR5/Rn5/v2+knRg+0pn9f7fMIEqc917x7Cs3qpex/lsL5+K4adj+EAMH4zhYgz3xfDhGC4NqXxsjcfe+N2Blyur5/u7svR+nyevVDvP7DvqiQoh7O+zPPn1gUGfZ8/r8RvURvNf5+tgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI1Ntfi4vL1RCOPvmq48/ffj4vpU+B9tD1Juf04VYrT1eCA/FcCqGv4hfrnzw0tFieDWGlbAUKqHS7h+eutTOaUcI4VS4M5wL9bD37IVX3lp68vDpJ87c9fZrBy5u3RIAAACAa9//AwAA///sPRGX")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r2 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x10000000001, 0x0, 0x2, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r0, r1, 0x22, 0x0, @val=@kprobe_multi=@addrs={0x1, 0x1, 0x0, &(0x7f00000000c0)=[0x3], 0x6}}, 0x30)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x10)
timerfd_create(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
syz_open_dev$sndctrl(&(0x7f00000002c0), 0x9, 0x400)
preadv(0xffffffffffffffff, &(0x7f0000002400), 0x0, 0x20039c5, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)="d8000000140081054e81f782db44b9040a1d080243000000040000a118000200fe80000000000e1208000f0100810401a80016eaa40006400303000806600cfab94dcf5c0461c1d67f6f94007134cf6ee08002a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7d9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace80ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
execve(&(0x7f0000000000)='./cgroup/cgroup.procs/file0\x00', 0x0, 0x0)

7m25.955554927s ago: executing program 2 (id=385):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
syz_fuse_handle_req(r0, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fstat(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresgid(0x0, 0x0, r4)
r5 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd='])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
symlinkat(&(0x7f0000000400)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000001200)='./file1\x00')
readlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080)=""/29, 0x1d)
ioctl$VIDIOC_S_OUTPUT(r5, 0xc004562f, 0x0)
ioctl$VIDIOC_S_DV_TIMINGS(r5, 0xc0845657, 0x0)

7m24.879308454s ago: executing program 2 (id=387):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
setns(r4, 0x24020000)
r5 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r5, 0x0)
socket$unix(0x1, 0x3, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r7, @ANYRES64=r6], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r7, 0x0)
ioctl$KVM_X86_SETUP_MCE(r7, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x0)

7m24.392747422s ago: executing program 2 (id=389):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000a40), 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
semtimedop(0x0, &(0x7f0000000280)=[{0x0, 0x0, 0x1000}], 0x1, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, 0x0, 0x0)
add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000ac0)={0x20, r1, 0x203, 0x70bd26, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x800)

7m22.604746071s ago: executing program 2 (id=395):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x20, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x73cea2d47785b264, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18)
r5 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close(r5)
r7 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x1a1)
fcntl$setlease(r7, 0x400, 0x1)
r8 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
write$binfmt_script(r8, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
execveat(r8, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

7m20.861331634s ago: executing program 2 (id=397):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(0xffffffffffffffff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
link(&(0x7f0000001240)='./file1\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r4 = fsopen(&(0x7f00000003c0)='omfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
link(0x0, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000080)={0x0, 0x0})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback, 0x7}], 0x1c)
sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x2, @loopback, 0x629a}, 0x1c, &(0x7f0000000500)}}], 0x1, 0x3404c8d4)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000040)={0x0, 0x2}, 0x8)

7m5.242586451s ago: executing program 32 (id=397):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(0xffffffffffffffff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
link(&(0x7f0000001240)='./file1\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r4 = fsopen(&(0x7f00000003c0)='omfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
link(0x0, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000080)={0x0, 0x0})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback, 0x7}], 0x1c)
sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x2, @loopback, 0x629a}, 0x1c, &(0x7f0000000500)}}], 0x1, 0x3404c8d4)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000040)={0x0, 0x2}, 0x8)

2m20.546957647s ago: executing program 1 (id=987):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(r1, 0x5, &(0x7f0000000000)={0x3, 0xf}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000001200)=ANY=[], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
sendmsg$NFT_MSG_GETCHAIN(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="14000000240a01010000"], 0x14}, 0x1, 0x0, 0x0, 0x4040004}, 0x0)
r4 = add_key$user(&(0x7f0000002100), &(0x7f0000002180)={'syz', 0x1}, &(0x7f00000021c0)='b', 0x1, 0xfffffffffffffffe)
r5 = add_key$user(&(0x7f0000000040), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c12863045265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b4f22cd0076beedc18056ab4bea4c825b69a7a77adcd5488684872b1bb9eb84586549e11b080468668e8fd0e52ce0705a", 0xc0, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000400)={r4, r5, r4}, &(0x7f0000000280)=""/190, 0xbe, &(0x7f00000000c0)={&(0x7f00000005c0)={'xxhash64-generic\x00'}, &(0x7f00000003c0)="7088f839d5822a190d", 0x9})

2m19.064340655s ago: executing program 1 (id=990):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
fsetxattr$trusted_overlay_origin(r4, &(0x7f00000001c0), 0x0, 0x0, 0x1)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r6, 0xae9a)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

2m18.839389747s ago: executing program 1 (id=992):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454da, &(0x7f0000000080)={'batadv0\x00'})
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
mkdir(&(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xa0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000001080)=ANY=[@ANYBLOB="58000000020601080000000000000000000000040900020073797a3100000000050004000100000011000300686173683a6e65742c6e6574000000000c0007800800124000000002050005000a00000005000100060000008a7df18ee897e5f9647defadfc0774e16f8fd1fe46bbef34ac65d50913ae730e6fadb47420b4da11db5478cbcc47ae43280a4a66c522855b6778449d187cb2d55e2404e0f569972e3c00feb6fb4b84c1ee199af772bbe9db57fc0958bfa3bb6ceab93969c82577004ea57dde21ae26acf2e6d1e122d31a757f85b5962d51719a2ebaedae90"], 0x58}}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000240)={'\x00', 0x52d35ce30131f272})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)

2m16.935437347s ago: executing program 1 (id=996):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r6, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
ptrace(0x10, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x224410, &(0x7f0000000740), 0xfe, 0x4a1, &(0x7f00000001c0)="$eJzs3M1vVFUbAPDn3mnLN+3Li6h8SBWNjR8tLags3Gh0p4mJLnBjUttCKgM1tCRCiFZjcGlI3BvdGKJ/gSvdGHVl4lb3hoQoMQFdmDF35t4yU2ZKW6YdcH6/5JZz5p7pOc+ce+499x6mAXStwexHErE1In6JiP5atrHAYO2f61fPT/x19fxEEpXKq78n1XLXrp6fKIoW79uSZ4bSiPTDJK+k0ezZcyfGy+Wp03l+ZO7k2yOzZ889OX1y/PjU8alTY0eOHD40+szTY0+1Jc4srmu7353Zm/S8fvHliaMX3/zhqzQidu2r7a+P47akWxaSg1ngf1SqFhd7pC2V3Tm21aWTng42hBUpRUTWXb3V8d8fpbjRef3x4gcdbRywprJr04bWu+crwH9YEp1uAdAZxYU+u/8ttnWaetwRrjxXuwHK4r6eb7U9PZHmZXrXsP77IuLo/N+fZlvk/fDP1jWsEADoet9k858nms3/0thVV257voYyEBH/i4gdEfH/iNgZEfdEVMvem89nVqK2NFRayN88/0wvrzq4Zcjmf8/ma1uN879i9hcDpTy3rRp/b3Jsujx1MP9MhqJ3Q5YfXaKOb1/4+eNW+wbr5n/ZltVfzAXzdlzuWfSAbnJ8brxdk9Ir70fs7mkWf7KwEpBExP0RsXtlv3p7kZh+7NLeVoVuHf8S2rDOVPks4tFa/8/HovgLydLrkyMbozx1cKQ4Km72408XXmle+8bbi78Nsv7f3Hj8LyrR/2dSv147u/I6Lvz6Uct7ytUe/33Ja9Ux2Ze/9s743Nzp0Yi+5KVqvuH1sRvvLfJF+Sz+oQPNx/+O/D1Z/HsiIjuI90XEAxGxP2/7gxHxUEQcWCL+759/+K0VxT+9vv0/2fT8t3D8DzT2/8oTpRPffd2q/jz+4mTbov8PV1ND+SvV898ttG5OlKciKpVVH80AAABw98luvLdGkg4vpNN0eLj2f/h3xua0PDM79/ixmTOnJmvfERiI3rR40tWfPw/N7rZHk/n8N9aej47lz4qL56WH8ufGn5Q2VfPDEzPlyQ7HDt1uS4vxn/mt1OnWAWvO97Wgey0e/2mH2gGsP9d/6F7GP3Qv4x+6V934//LMhT3VxHvVn/sXdjRdC1jiL4cAd4dF1/9Ln3eqIcC6M/+H7mX8Q/cy/qEr3c73+juT2JS3/FaF+zrf1NUlvuidLWXx1e1KeiI637DGRKRLlXkjmu8ajIg1aljcER9LuxPJMg715SaOHc+HznIKd/KsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0D7/BgAA//9ajd4t")

2m14.109632028s ago: executing program 1 (id=1001):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000340)={0x0, <r1=>0x0})
sched_setscheduler(r1, 0x2, &(0x7f00000002c0)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r5, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x1c0)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f0000000040)=@assoc_value, 0x8)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="20f6c734e3d81107", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000200), 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
openat$iommufd(0xffffffffffffff9c, &(0x7f00000001c0), 0x40800, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000300)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x90ffffff, 0x71, 0x10, 0x43}}, &(0x7f0000000480)='syzkaller\x00'}, 0x94)
sendto$inet6(r0, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000180)="c2", 0x1}], 0x1)
write$UHID_SET_REPORT_REPLY(r0, &(0x7f00000007c0)=ANY=[], 0xffe0)

2m11.678720551s ago: executing program 1 (id=1006):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000002000)={0x1, 0x2, 0x0, 0x4})
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x2000000000, 0x4})
r2 = socket(0x2b, 0x80801, 0x1)
setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
socket$packet(0x11, 0x2, 0x300)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r4, 0x401c5504, &(0x7f0000000800)={0x0, {0x3, 0x0, 0x8000005, 0x3, 0x5, 0x80000001}})
ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f00000001c0)={{0x0, 0x0, 0xfffd, 0x8001}, 'syz1\x00'})
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x3)
ioctl$UI_DEV_SETUP(r4, 0x5501, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000900)={'syz1\x00', {0x0, 0x0, 0x6}, 0x37b4, [0xfeff, 0x4, 0x0, 0x0, 0x0, 0x20000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xfffffffd, 0x3, 0x100, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0xbffffffe, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x1, 0x0, 0xfffffffc, 0x3, 0xffffffff, 0x0, 0xffff, 0x0, 0x20, 0x6, 0x5, 0x70000000, 0x0, 0x0, 0x7, 0x8, 0x0, 0x0, 0x6, 0x0, 0xfffffffd, 0x0, 0x6, 0x0, 0x0, 0x20004, 0x0, 0xfffffffe, 0x105], [0x10, 0xffffffff, 0x7, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0xbb, 0x1, 0xfffffffc, 0x9, 0x800, 0xffffffd6, 0xfffffffc, 0x0, 0x1, 0x0, 0xffffffff, 0x2ec6a, 0x5, 0x40000000, 0xffffffff, 0xfffffffc, 0x7fffffff, 0x8001, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0x8c, 0x0, 0x0, 0x4, 0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x80, 0x0, 0x3, 0x0, 0x9, 0x800000, 0x7], [0x0, 0x4, 0x0, 0x0, 0xffffffff, 0x1, 0xa000000, 0x0, 0x0, 0xb78, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0x0, 0x10000, 0x0, 0x80, 0x520, 0xd, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0xfffffffc, 0x2af, 0x0, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100, 0xff, 0x80000001, 0x0, 0x4, 0x2, 0x400000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x6, 0x0, 0x401, 0x0, 0x211, 0x4, 0x0, 0x100, 0x3, 0x5, 0x0, 0x80, 0x0, 0x3, 0x0, 0x2, 0x1, 0x7fff, 0x0, 0xd, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffeffd, 0x3, 0x0, 0x0, 0x3, 0x4, 0xfffffffe, 0x4, 0x3, 0x0, 0x0, 0x1, 0x80000001, 0x100, 0x0, 0x3, 0x3, 0xfffffffd, 0x53591b24, 0x3fffffd, 0x2, 0x5, 0x5, 0x400, 0x7, 0x9, 0x0, 0x0, 0x80000000, 0x1000000, 0x0, 0x3]}, 0x45c)
socket$key(0xf, 0x3, 0x2)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000340)={<r5=>0xffffffffffffffff})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r5})
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000001580)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in=@local, 0x0, 0x0, 0x4e24, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0xfffffffffffffffe}, {0x0, 0x0, 0x0, 0x5c}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x4d2, 0x33}, 0x0, @in=@private=0xa010100, 0x3506, 0x0, 0x2, 0xb7, 0x2}}, 0xe8)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x1c)

1m56.219615102s ago: executing program 33 (id=1006):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000002000)={0x1, 0x2, 0x0, 0x4})
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x2000000000, 0x4})
r2 = socket(0x2b, 0x80801, 0x1)
setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
socket$packet(0x11, 0x2, 0x300)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r4, 0x401c5504, &(0x7f0000000800)={0x0, {0x3, 0x0, 0x8000005, 0x3, 0x5, 0x80000001}})
ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f00000001c0)={{0x0, 0x0, 0xfffd, 0x8001}, 'syz1\x00'})
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x3)
ioctl$UI_DEV_SETUP(r4, 0x5501, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000900)={'syz1\x00', {0x0, 0x0, 0x6}, 0x37b4, [0xfeff, 0x4, 0x0, 0x0, 0x0, 0x20000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xfffffffd, 0x3, 0x100, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0xbffffffe, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x1, 0x0, 0xfffffffc, 0x3, 0xffffffff, 0x0, 0xffff, 0x0, 0x20, 0x6, 0x5, 0x70000000, 0x0, 0x0, 0x7, 0x8, 0x0, 0x0, 0x6, 0x0, 0xfffffffd, 0x0, 0x6, 0x0, 0x0, 0x20004, 0x0, 0xfffffffe, 0x105], [0x10, 0xffffffff, 0x7, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0xbb, 0x1, 0xfffffffc, 0x9, 0x800, 0xffffffd6, 0xfffffffc, 0x0, 0x1, 0x0, 0xffffffff, 0x2ec6a, 0x5, 0x40000000, 0xffffffff, 0xfffffffc, 0x7fffffff, 0x8001, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0x8c, 0x0, 0x0, 0x4, 0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x80, 0x0, 0x3, 0x0, 0x9, 0x800000, 0x7], [0x0, 0x4, 0x0, 0x0, 0xffffffff, 0x1, 0xa000000, 0x0, 0x0, 0xb78, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0x0, 0x10000, 0x0, 0x80, 0x520, 0xd, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0xfffffffc, 0x2af, 0x0, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100, 0xff, 0x80000001, 0x0, 0x4, 0x2, 0x400000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x6, 0x0, 0x401, 0x0, 0x211, 0x4, 0x0, 0x100, 0x3, 0x5, 0x0, 0x80, 0x0, 0x3, 0x0, 0x2, 0x1, 0x7fff, 0x0, 0xd, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffeffd, 0x3, 0x0, 0x0, 0x3, 0x4, 0xfffffffe, 0x4, 0x3, 0x0, 0x0, 0x1, 0x80000001, 0x100, 0x0, 0x3, 0x3, 0xfffffffd, 0x53591b24, 0x3fffffd, 0x2, 0x5, 0x5, 0x400, 0x7, 0x9, 0x0, 0x0, 0x80000000, 0x1000000, 0x0, 0x3]}, 0x45c)
socket$key(0xf, 0x3, 0x2)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000340)={<r5=>0xffffffffffffffff})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={r5})
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000001580)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in=@local, 0x0, 0x0, 0x4e24, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0xfffffffffffffffe}, {0x0, 0x0, 0x0, 0x5c}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x4d2, 0x33}, 0x0, @in=@private=0xa010100, 0x3506, 0x0, 0x2, 0xb7, 0x2}}, 0xe8)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x1c)

10.240930129s ago: executing program 4 (id=1171):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000080)={0x4000, 0x2, 0x0, 0x6}, 0x10)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001240)=ANY=[@ANYBLOB="780000001a0001002abd7000000000000a2ffcf589"], 0x78}], 0x1, 0x0, 0x0, 0x20400}, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r6, @ANYRES64=r5], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r6, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000400)='./binderfs/binder1\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000380)="de547e22bade76f1a03b79e954ee20bc43f7fe47218a02ff8ba942478a7b69462fc21aff55002ce55e854564e7d309f20d222f9220c8d9b1b0d196137252587ab17948adf2dcbba03d2f3e0e647c2e70"})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil)
sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
sendmsg$NFQNL_MSG_CONFIG(r6, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800400}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, 0x2, 0x3, 0x201, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFQA_CFG_CMD={0x8, 0x1, {0x4, 0x0, 0x28}}, @NFQA_CFG_CMD={0x8, 0x1, {0x4, 0x0, 0x6}}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x1}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x9}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x81)

8.961001706s ago: executing program 0 (id=1175):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f0000000400)='.\x00', 0x120)
inotify_add_watch(r2, &(0x7f00000001c0)='.\x00', 0x60000023)
sendmsg$nl_xfrm(r1, 0x0, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000063c0)={0x2020}, 0x2020)
recvmsg(0xffffffffffffffff, 0x0, 0x40002182)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r4)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x24, r5, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x6c8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40080}, 0x4000000)
ioctl$GIO_SCRNMAP(r3, 0x4b40, &(0x7f0000000140))
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_rr={{0x7}, {0x18, 0x2, {0x7, "bf32568d2fd41b329a5f8a92fc91d2ff"}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44000800}, 0x4000010)
ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000480)={@in={{0x2, 0x4e23, @loopback}}, 0x0, 0x20000000005, 0x4a}, 0xd8)
bind$inet(r7, &(0x7f0000deb000)={0x2, 0x4e23, @multicast2}, 0x10)

8.91909991s ago: executing program 4 (id=1177):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100088}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00', 0x1})
r5 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl(r5, 0x8b32, &(0x7f0000000040))
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@newlink={0x3c, 0x12, 0xff05, 0x40000, 0x4, {0x0, 0x0, 0x4a00, 0x0, 0x2045, 0x2000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x4}}}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x3}]}, 0x3c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
fsetxattr$trusted_overlay_nlink(r1, &(0x7f0000000040), &(0x7f0000000240)={'U-', 0x5}, 0x16, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000000}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x10, 0x0, 0xfe, 0x4, 0x0, 0x1, 0x20000000}, [@RTA_NH_ID={0x8, 0x1e, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)

7.914194711s ago: executing program 0 (id=1178):
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x800)
mkdir(0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x18)
r1 = syz_clone3(&(0x7f00000005c0)={0x4802c100, &(0x7f00000001c0), &(0x7f00000002c0), &(0x7f0000000340), {0x2a}, &(0x7f0000000400)=""/73, 0x49, &(0x7f0000000480)=""/215, &(0x7f0000000580)=[0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0], 0x8}, 0x58)
prlimit64(r1, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
capset(0x0, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000380), 0x0, 0x62001)
ioctl$SG_IO(r5, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffffffffffb, 0x5, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f00000003c0)="ea00000003", 0xfffffffffffffffd, 0x0, 0x10010, 0x2, 0x0})
r6 = socket(0x1000000000000010, 0x80802, 0x0)
sendmsg(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)}, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000035c0)="5c00000013006bcd9e3fe3dc4e48aa31086b8703340000001f00000000000000040014000d000a00140000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x240000c0)
r8 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r8, 0xffffffffffffffff, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)

7.883494294s ago: executing program 3 (id=1179):
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000280)={0x0, 0x6d}, &(0x7f0000000440)={'enc=', 'pkcs1', ' hash=', {'blake2s-256-arm\x00'}}, &(0x7f0000000500)="04600eb5122eab350e13d0f69191ce0495036eb278d25fba08cfe2248877119cc87cc81610e9f37ace91efbee7876c4bd848ef9c534a87abdff9f0d45d07a1f50458bc50b38ce2b23780126a003dfa6d82b29ac90067a2241d7baa930e5e6b670cad5c670ab534fbc8af4831b9", 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$xdp(0x2c, 0x3, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1f075, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x10000}, 0x94)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$setregs(0xd, r2, 0x80000001, 0x0)
ptrace$getregset(0x4205, r2, 0x1, &(0x7f0000000080)={&(0x7f0000019580)=""/120, 0x78})
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f00000000c0)=""/15, 0x204000, 0x1400}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00'})
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4)
bind$xdp(r1, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r6, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x1c, 0x10d, 0x0, 0x1, [{0x4}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x9}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
sendmsg$NFNL_MSG_ACCT_GET(r4, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x50, 0x1, 0x7, 0x101, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFACCT_FILTER={0x14, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x6}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFACCT_FILTER={0x14, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x8000}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x804c}, 0xc080)

6.851224397s ago: executing program 4 (id=1180):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$UHID_CREATE2(r7, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r7, 0x0)
ioctl$KVM_X86_SETUP_MCE(r7, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r8 = syz_open_dev$loop(&(0x7f0000000240), 0xffffffff7ffffffd, 0x160862)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f00000004c0)={r9, 0x0, {0x0, 0x0, 0x0, 0x4, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf900000080149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d665f985881a350000ddffffff00", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "715237601a8ca5b07dcc141802c4dacf162e43ac61f7ad330000000000a04100", [0xfffffffffffffce8, 0xa]}})

6.802707522s ago: executing program 3 (id=1181):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000340)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0)
creat(&(0x7f0000000380)='./bus\x00', 0xbc)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r5, @ANYRES64=r4], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r5, 0x0)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
pipe2$9p(&(0x7f00000001c0), 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r6 = socket(0x11, 0x2, 0x1)
setsockopt(r6, 0x107, 0x1, &(0x7f00000001c0)="110000000200060000071a806d8be255", 0x10)

6.769222795s ago: executing program 0 (id=1182):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800300}, 0x20000801)
recvmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x40002002)
recvmsg(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0xa3)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000080)={0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r1 = gettid()
tkill(r1, 0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = io_uring_setup(0x669, &(0x7f00000002c0))
io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)
ioctl$USBDEVFS_SETCONFIGURATION(r0, 0x80045505, &(0x7f0000000000)=0x1)

6.177908524s ago: executing program 3 (id=1183):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r3 = socket$kcm(0x10, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x79, 0x8d, &(0x7f00000000c0))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000080}, 0x8000)
sysinfo(&(0x7f00000004c0)=""/31)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
syz_80211_join_ibss(&(0x7f0000000100)='wlan1\x00', &(0x7f0000000180)=@default_ibss_ssid, 0x6, 0x2)
syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x50, r2, 0x1, 0x70bd28, 0x25dbdbfd, {{}, {@void, @val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x7ff, 0x78}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x50}, 0x1, 0x0, 0x0, 0x91}, 0x24044884)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000e00000/0x3000)=nil, 0x3000, &(0x7f0000000000)='/dev/adsp1\x00')
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, 0x0, 0x20004450)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000003340)={{0x14}, [@NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xe}}}, 0x58}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000850)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x3c, r8, 0x431, 0x70bd28, 0x259fdbfc, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_RX={0x5}, @ETHTOOL_A_PAUSE_TX={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4c810}, 0x20000000)
mmap(&(0x7f0000e01000/0x1000)=nil, 0x1000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)

6.072414294s ago: executing program 4 (id=1184):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x11, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
socket$key(0xf, 0x3, 0x2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
syz_usbip_server_init(0x1)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x2)
syz_usbip_server_init(0x2)
syz_usbip_server_init(0x5)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x0)
syz_open_dev$vcsu(&(0x7f0000000180), 0xc, 0x0)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x3)
r1 = syz_io_uring_setup(0x42e6, &(0x7f00000002c0)={0x0, 0x5eda, 0x10100, 0x6, 0x25d, 0x0, r0}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpu.stat\x00', 0x275a, 0x0)
setsockopt$RDS_FREE_MR(r4, 0x114, 0x3, &(0x7f0000000080)={{0x5, 0x7fff}, 0x4}, 0x10)
syz_io_uring_submit(0x0, r3, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x22, 0x2000, @fd_index, 0x0, 0x7fffffff, 0x9, 0xa, 0x1, {0x2}})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0))
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x49, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x7330, 0x0, 0x0, 0x0, 0x0)

5.301155771s ago: executing program 0 (id=1185):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
ioctl$SIOCAX25ADDUID(r0, 0x89e1, 0x0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semtimedop(0x0, &(0x7f0000000280)=[{0x0, 0x0, 0x1000}], 0x1, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r5 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000000)='asymmetric\x00', 0x0, &(0x7f0000000580)="303e3080020000000900f190c937dc6b14243b0402e8886ff204d830fa5b3ba026b4fb643891162fb3fbf36e7118a3d45a46b678a2e5b247a74f", 0x3a, r5)
openat$dir(0xffffffffffffff9c, 0x0, 0x51f180, 0x100)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f00000000c0)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000100)={@host})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
ioctl$SIOCAX25DELUID(r0, 0x89e2, &(0x7f0000000200)={0x3, @bcast})
getpeername$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @empty}, 0x0)

4.948693347s ago: executing program 3 (id=1186):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f0000000400)='.\x00', 0x120)
inotify_add_watch(r2, &(0x7f00000001c0)='.\x00', 0x60000023)
sendmsg$nl_xfrm(r1, 0x0, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000063c0)={0x2020}, 0x2020)
recvmsg(0xffffffffffffffff, 0x0, 0x40002182)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r4)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x24, r5, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x6c8}, @NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40080}, 0x4000000)
ioctl$GIO_SCRNMAP(r3, 0x4b40, &(0x7f0000000140))
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_rr={{0x7}, {0x18, 0x2, {0x7, "bf32568d2fd41b329a5f8a92fc91d2ff"}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44000800}, 0x4000010)
ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000480)={@in={{0x2, 0x4e23, @loopback}}, 0x0, 0x20000000005, 0x4a}, 0xd8)
bind$inet(r7, &(0x7f0000deb000)={0x2, 0x4e23, @multicast2}, 0x10)

4.270870784s ago: executing program 0 (id=1187):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
execveat(0xffffffffffffffff, &(0x7f00000050c0)='./file2\x00', 0x0, 0x0, 0x1100)
add_key$keyring(0x0, &(0x7f0000001f40)={'syz', 0x2}, 0x0, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r5 = memfd_create(&(0x7f0000000440)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\xc2%/u\x17\xdaM\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d_\v\xfc\xad\x0f\xa8\xc5\xad\x00\xc2\x12\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc2Gj+kV$\x80\x8aJ$\x81\xc0\x16\xf5\x9cz\x10\x97\xdb\x12H\xee/\xe3sY\x02D;L~\xd0\xb44\x01*\xfb\xa4 \xb2b\x90H$\xb2\xad\xbf\x8aM\xb6\x81\x81^\x02\xa0\xa7t\xfbHb\xa5=\xdd+$\xc06J\xb4\xf0\xab\x85Xz\x9f\xb2D$\xbe\xd9\x7f-\r\x9aj9r\n_\x11\xd4\x19\xb0\xa0G\xb7\x94\xf7\xfd~\xe9\xb6G\xbfE\xbb\x15\x15\xa6\xca2\xd0\xd3\x8c\xf7nO\xf9\xa8\xfd\x8a\xd2\xb2\xab\xff\xe4\xb0;\xd9\xa8\f\x03R\xbd%\x9fF\xee\x05\x11', 0x2)
syz_emit_ethernet(0x3a, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @generic={0x7, 0x6, "66aac1", 0x4, 0x73, 0xff, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast2, {[], "3648f7fd"}}}}}, 0x0)
ftruncate(r5, 0xffff)
fcntl$addseals(r5, 0x409, 0x7)
r6 = ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000000)={r5, 0x0, 0x0, 0x8000})
ioctl$DMA_BUF_IOCTL_SYNC(r6, 0x40086200, &(0x7f0000000080)=0x2)
mount(0x0, 0x0, &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r7, 0x84, 0x5, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e21, @multicast2}}}, 0x84)

3.928004989s ago: executing program 3 (id=1188):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100088}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00', 0x1})
r5 = socket$isdn_base(0x22, 0x3, 0x0)
ioctl(r5, 0x8b32, &(0x7f0000000040))
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=@newlink={0x3c, 0x12, 0xff05, 0x40000, 0x4, {0x0, 0x0, 0x4a00, 0x0, 0x2045, 0x2000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x4}}}, @IFLA_TARGET_NETNSID={0x8, 0x2e, 0x3}]}, 0x3c}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
fsetxattr$trusted_overlay_nlink(r1, &(0x7f0000000040), &(0x7f0000000240)={'U-', 0x5}, 0x16, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000000}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@ipv4_newroute={0x24, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x10, 0x0, 0xfe, 0x4, 0x0, 0x1, 0x20000000}, [@RTA_NH_ID={0x8, 0x1e, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)

2.20391557s ago: executing program 4 (id=1189):
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000280)={0x0, 0x6d}, &(0x7f0000000440)={'enc=', 'pkcs1', ' hash=', {'blake2s-256-arm\x00'}}, &(0x7f0000000500)="04600eb5122eab350e13d0f69191ce0495036eb278d25fba08cfe2248877119cc87cc81610e9f37ace91efbee7876c4bd848ef9c534a87abdff9f0d45d07a1f50458bc50b38ce2b23780126a003dfa6d82b29ac90067a2241d7baa930e5e6b670cad5c670ab534fbc8af4831b9", 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$xdp(0x2c, 0x3, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1f075, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x10000}, 0x94)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$setregs(0xd, r2, 0x80000001, 0x0)
ptrace$getregset(0x4205, r2, 0x1, &(0x7f0000000080)={&(0x7f0000019580)=""/120, 0x78})
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000100)={&(0x7f00000000c0)=""/15, 0x204000, 0x1400}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00'})
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4)
bind$xdp(r1, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x2, 0x0, 0x7fff0000}]})
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x30, r6, 0x1, 0x0, 0x0, {}, [@NL80211_ATTR_REG_RULES={0x1c, 0x10d, 0x0, 0x1, [{0x4}, {0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x4}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x9}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
sendmsg$NFNL_MSG_ACCT_GET(r4, &(0x7f0000000580)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x50, 0x1, 0x7, 0x101, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFACCT_FILTER={0x14, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x6}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFACCT_FILTER={0x14, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x8000}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x4}]}, 0x50}, 0x1, 0x0, 0x0, 0x804c}, 0xc080)

2.191404931s ago: executing program 0 (id=1196):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000001bc0)=ANY=[@ANYBLOB="757466383d312c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d77696e39352c000f3556feecb6412e00c80bdee16891f8bf67c9f201996782a86d4bab33b4f23383380e4ccafc9da9def41b05c1dfb2cfa24e43aedf5536d3bce06ddda97c586bc37fab5366b1ab6fee95cc224e56e681e82dd4dbbde3785fdd0fc4e7df753a0e2658aa5e88e1d38366c7908a7b2b678ee4b4bfc7aafa2101c157745926241af5ac30189eced78c1611b972d03bfef046f4adcada230ef0ac02ede79fb7d92a8354670c01cb80361c1fde2cef3204a182323c318e10ef11cb24c435d589b17a396377800f"], 0x1, 0x21b, &(0x7f0000000300)="$eJzs2j+LHGUcB/DfnJHEC5dd8R8JiA9aqM2Q3doihyQgLiiaFaIgmXizuuy4e+wsBytirtLWl2AtlnaCpLS5xldgYXfNlSnEkWRjcnesxSHein4+zXzhmS88D8/w8BSz/9rXn44GdT4oZrGWZbF2JXbjbhbtWIs/7carL9/46fl3b7z/5mavd/WdlK5tXu90U0oXXvjxg8+/e/HO7Px731/44WzstT/cP+j+uvfs3sX9369/MqzTsE7jySwV6dZkMituVWXaGtajPKW3q7KoyzQc1+X0yPigmmxvz1Mx3tpY356WdZ2K8TyNynmaTdJsOk/Fx8VwnPI8Txvrwd/R//Zu08RB8/jNaJrmiW/i/J3Y+CVakT2ZsqeuZM/czJ7bzS4eNE1r1VPlH2H//98OHernIqqvdvo7/cVzMb45iGFUUcblaMVvce8zeWCRr73Ru3o53deOL6vbD/q3d/qPHe13ohXt5f3Oop+O9s/G+uF+N1rx9PJ+d2n/XLzy0qF+Hq34+aOYRBVbca/7qP9FJ6XX3+od61+6/x4AwH9Nnh5aen/L878aX/RPcD88dr86E5fOrHbtRNTzz0ZFVZVTQRCEh2HVJxOn4dGmr3omAAAAAAAAAAAAnMRp/E646jUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/bn8EAAD//xrx1cI=")
chdir(0x0)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f000000bc40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)=ANY=[], 0x1, 0x6f2, &(0x7f0000000ac0)="$eJzs3U9sHFcZAPBv1mt7N1Udt03TIFWqaVFBWCSxLRfMJQYhZKQKqiDB2WqcxsrmD7aL3B6wC0hcOXBFKgdzgRMIISEhRSpnuFXcLE4VSFx6Snpg0Pxbr93d9TquvS78ftFk3rw3780338y+2V3J2gD+by1NR/1BNGNp+tXNbHt3Z661uzN3pyjXWhExHhG1iHpHr+S9iMUolvhMVlE19DrOL1YXrr//4e4HxVa9XGpR/NfsHWB9kLPYLpeYioiRcn0M+8Z7/fHGG98rJu3MZAl7qUocDNtoRKT7/ODiXks36UjHRs/XO/DpkRTPzQ7F638y4lxENKoH2nbRWDv9CA91pLlo++TiAAAAgDPj/MOtiM2YGHYcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GlS/v5/Ui6PqvJUJNXv/3+uY/exIYbaX//IGlXhQe00ggEAAAAAAACAk/XCw/jN9TSdqLbTJGrfGyk3muX6zViPlXrE5diM5diIjViLmYiY7BhobHN5Y2NtJl7Mty58lKZpPFH0jLV9PWe79pwdMODmcc8YAAAAAAAAAP6nXJsfz9c/jqWYGHYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQKYkYKVb5cqEqT0atHhGNiBjL9tuO+FtVPkPqR+3w4GTiAAAAgCEb3bd1/mE8jM2YqLbTJP/MfzH/3N+IN+NubMRqbEQrVuJG/l1A8am/truzNb27M3cnW8phv/Nke9yv/XvvGL+fODSofMQovnvofuRL+R7NuBmrec3leD3uRStuRC3vmblUxdMRV4d3spiSa4U0jfFB0nWjXGdn/vNyfSqah+0wmWdktJ2Rq1lsSZHHp/pnovPqDODgkWai1v7m50LvI7W/jKlyfq3vUZL/pGlROlfVRDzxrb45z++X0SOdzLEczMRsx913sX/OIz7/h99+/1br7u1byfb0qd1Gj+WF7tXj/6iuUJWJwnasxFxHJp4bOBM31894Jnra/01jLZ5tl5fim/HdmI6peC3WYjV+GMuxESsxFd/IS8vl/Zz9P9k/U4v7tl47LKax8rqMHIjps+eLdb+YXsz7TsRqfDvuxY1YiVfyf7MxE1+O+ZiPhY4r/OwAM22ty6v+j72Df+kLZSGb+H62NwGe4qu7lyyvT3XktXPOnczbOmtqkZZPlqeP8DzqPzdW9h5Z2ZX4ScdrcPjamWhE+ylRRfdMlYHRrpn4VT6trLfu3l67tXz/wLjJdvfjvRz7T//sTCTZ/fJ0e47Yf3dkbc90bZvJ2y6022oH237dbLcd9kodK9/DfXyk2bztuYj4ZRlt1pbJ5vCs7VJHv+z9ViNv+yhN0+L9FgBn3rkvnhtr/qv51+a7zZ82bzVfbXx9/Cvjz4/F6F9Gv1q/OvJy7fnkd/Fu/CgO/4QOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcav2tt28vt1orawcKaZpu9Wg6kULUI/bV/PlPHfvkvzUWEYMPmO29WIvIa+pRFgbo/s+IKGu2Hu903nncJPy9vCankvA+hWTgnRs975+ycO/J8nQepWl66qdT/VbbkbunpaFdgk+4UP1E1seaknpEj15DmY6AU3Rl4879K+tvvf2l1TvLb6y8sXJ3YX5+4erC/CtzV26uthrDDg84QfmzPn+fM+xIAAAAAAAAAAAAgEEN9sc5ye3lKGrq3f6K4LDuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMewNB31B5HEzNXLV7Pt3Z25VrZU5Ww9ku/5KCJqEZFMRSTvRSxGscRkx3BJr+NsR1x//8PdD4qternk+9eOfxbb5RJTZbhT3fdrdKtMt3qNl+Tj3O893oCSchlp1yweazz4hPw3AAD//xEwCSs=")
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x10, 0x0, 0x0)
getsockopt$inet6_int(r1, 0x29, 0x10, 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new def'], 0x2a, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x4c, 0x0, &(0x7f0000000200))
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x44}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000000c0)={<r4=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, 0x0, &(0x7f00000005c0))
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000840)={r4, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c)

2.139999916s ago: executing program 5 (id=1021):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000040)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "ecff80", 0x48, 0x11, 0x0, @remote, @mcast2, {[], {0x0, 0x4e22, 0x48, 0x0, @wg=@cookie={0x4, 0x0, "7d91b3ccaf4c63521df8f969a9a3ef8377d86e2c440fb055", "8fc99fa615e832d5f00ce4a5807ebb53fbfc8fbe4761a7cfe44dcf957dbdc946"}}}}}}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = add_key$fscrypt_provisioning(&(0x7f0000000040), &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000100)={0x1, 0x0, @c}, 0x29, 0xfffffffffffffffc)
fstat(r3, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
newfstatat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x4400)
keyctl$chown(0x4, r6, r7, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet_udp(0x2, 0x2, 0x0)

1.927435818s ago: executing program 3 (id=1190):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000140))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000340)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r2, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r5, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.controllers\x00', 0x300, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="18000000"], 0x1c}], 0x1, 0x0, 0x0, 0x4004000}, 0x0)

109.658769ms ago: executing program 5 (id=1191):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_setup(0x8, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x6)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000040)="2f30c8307b0a", 0x6}], 0x1)
ioctl$NS_GET_USERNS(r0, 0xb701, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYRESHEX], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})

0s ago: executing program 4 (id=1192):
close(0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x22, 0xfffffffffffffe58, {[@main=@item_4={0x3, 0x0, 0x9, "70a6d33e"}, @global=@item_012={0x2, 0x1, 0xb, '\x00\x00'}, @main=@item_012={0x1, 0x0, 0x8, "0f"}]}}, 0x0}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001f80)={0x0, 0x0, 0x0}, 0x0)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x1, 0x0, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_NOTIFY(r3, &(0x7f00000001c0)={0xf, 0x8, 0xfa00, {0xffffffffffffffff, 0x11}}, 0x10)
syz_io_uring_setup(0x3eeb, &(0x7f0000000480)={0x0, 0x8000, 0x800}, &(0x7f00000001c0), &(0x7f00000003c0))
prctl$PR_GET_TSC(0x43, 0x0)
r4 = socket(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20, 0xfd, [0x0, 0x31e, 0x8000000, 0xc, 0x0, 0x0, 0x0, 0x2]}})
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4000000)
sendmsg$NLBL_UNLABEL_C_STATICADD(r5, 0x0, 0x4000042)

kernel console output (not intermixed with test programs):

 cc 0x0c23 length: 249 > 4
[   82.836231][ T5803] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   82.844246][ T5795] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   82.851886][ T5795] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   82.860183][ T5795] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   82.867559][ T5795] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   83.373805][ T5797] chnl_net:caif_netlink_parms(): no params data found
[   83.395339][ T5787] chnl_net:caif_netlink_parms(): no params data found
[   83.507333][ T5785] chnl_net:caif_netlink_parms(): no params data found
[   83.535559][ T5786] chnl_net:caif_netlink_parms(): no params data found
[   83.600492][ T5797] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.607730][ T5797] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.616114][ T5797] bridge_slave_0: entered allmulticast mode
[   83.624004][ T5797] bridge_slave_0: entered promiscuous mode
[   83.661909][ T5797] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.669095][ T5797] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.676720][ T5797] bridge_slave_1: entered allmulticast mode
[   83.684168][ T5797] bridge_slave_1: entered promiscuous mode
[   83.744071][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.751721][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.758864][ T5787] bridge_slave_0: entered allmulticast mode
[   83.766039][ T5787] bridge_slave_0: entered promiscuous mode
[   83.806225][ T5797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.815789][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.823142][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.830433][ T5787] bridge_slave_1: entered allmulticast mode
[   83.837307][ T5787] bridge_slave_1: entered promiscuous mode
[   83.870846][ T5797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.923329][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.930600][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.937933][ T5786] bridge_slave_0: entered allmulticast mode
[   83.945555][ T5786] bridge_slave_0: entered promiscuous mode
[   83.953563][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.960910][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.968049][ T5785] bridge_slave_0: entered allmulticast mode
[   83.975745][ T5785] bridge_slave_0: entered promiscuous mode
[   83.984809][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.992197][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.999565][ T5785] bridge_slave_1: entered allmulticast mode
[   84.006571][ T5785] bridge_slave_1: entered promiscuous mode
[   84.027727][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.037437][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.044838][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.052190][ T5786] bridge_slave_1: entered allmulticast mode
[   84.059104][ T5786] bridge_slave_1: entered promiscuous mode
[   84.092053][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.128005][ T5797] team0: Port device team_slave_0 added
[   84.160073][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.171447][ T5797] team0: Port device team_slave_1 added
[   84.179175][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.202628][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.256361][ T5787] team0: Port device team_slave_0 added
[   84.265557][ T5787] team0: Port device team_slave_1 added
[   84.274801][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.310176][ T5785] team0: Port device team_slave_0 added
[   84.344356][ T5786] team0: Port device team_slave_0 added
[   84.352455][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.359727][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.386201][ T5797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.400114][ T5785] team0: Port device team_slave_1 added
[   84.407219][ T5797] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.414916][ T5797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.440914][ T5797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.464176][ T5786] team0: Port device team_slave_1 added
[   84.510144][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.517135][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.544559][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.569146][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.576383][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.602447][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.618884][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.625954][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.652148][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.663870][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.671142][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.697102][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.708903][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.716148][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.742493][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.765983][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.773115][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   84.799216][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.845470][ T5797] hsr_slave_0: entered promiscuous mode
[   84.851303][ T5789] Bluetooth: hci3: command tx timeout
[   84.857351][ T5797] hsr_slave_1: entered promiscuous mode
[   84.929723][ T5789] Bluetooth: hci2: command tx timeout
[   84.929749][ T5795] Bluetooth: hci1: command tx timeout
[   84.929971][ T5795] Bluetooth: hci0: command tx timeout
[   84.976823][ T5787] hsr_slave_0: entered promiscuous mode
[   84.983422][ T5787] hsr_slave_1: entered promiscuous mode
[   84.994475][ T5787] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   85.003064][ T5787] Cannot create hsr debugfs directory
[   85.041853][ T5785] hsr_slave_0: entered promiscuous mode
[   85.048267][ T5785] hsr_slave_1: entered promiscuous mode
[   85.054945][ T5785] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   85.063182][ T5785] Cannot create hsr debugfs directory
[   85.073469][ T5786] hsr_slave_0: entered promiscuous mode
[   85.080474][ T5786] hsr_slave_1: entered promiscuous mode
[   85.086623][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   85.094236][ T5786] Cannot create hsr debugfs directory
[   85.507206][ T5797] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   85.519072][ T5797] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   85.531746][ T5797] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   85.542737][ T5797] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   85.611004][ T5787] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   85.631592][ T5787] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   85.642530][ T5787] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   85.658227][ T5787] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   85.746719][ T5786] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   85.771043][ T5786] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   85.783639][ T5786] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   85.796485][ T5786] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   85.882519][ T5785] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   85.893689][ T5785] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   85.910700][ T5785] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   85.935420][ T5785] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   85.990308][ T5797] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.013894][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.043289][ T5797] 8021q: adding VLAN 0 to HW filter on device team0
[   86.082699][  T993] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.090115][  T993] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.116687][ T5787] 8021q: adding VLAN 0 to HW filter on device team0
[   86.145059][ T2946] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.152279][ T2946] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.163732][ T2946] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.170913][ T2946] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.187828][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.195083][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.273660][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.361533][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[   86.384439][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.391630][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.412851][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.420043][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.437482][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.504536][ T5785] 8021q: adding VLAN 0 to HW filter on device team0
[   86.543090][ T2946] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.550289][ T2946] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.593768][ T2946] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.600989][ T2946] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.862033][    T8] cfg80211: failed to load regulatory.db
[   86.930165][ T5795] Bluetooth: hci3: command tx timeout
[   86.965611][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.983573][ T5797] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.010296][ T5803] Bluetooth: hci0: command tx timeout
[   87.010808][ T5789] Bluetooth: hci1: command tx timeout
[   87.015786][ T5795] Bluetooth: hci2: command tx timeout
[   87.122600][ T5797] veth0_vlan: entered promiscuous mode
[   87.165370][ T5797] veth1_vlan: entered promiscuous mode
[   87.198480][ T5787] veth0_vlan: entered promiscuous mode
[   87.213679][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.235311][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.255200][ T5787] veth1_vlan: entered promiscuous mode
[   87.291686][ T5797] veth0_macvtap: entered promiscuous mode
[   87.304942][ T5797] veth1_macvtap: entered promiscuous mode
[   87.356371][ T5786] veth0_vlan: entered promiscuous mode
[   87.371121][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_0
[   87.398534][ T5786] veth1_vlan: entered promiscuous mode
[   87.411401][ T5797] batman_adv: batadv0: Interface activated: batadv_slave_1
[   87.437508][ T5785] veth0_vlan: entered promiscuous mode
[   87.454973][ T5787] veth0_macvtap: entered promiscuous mode
[   87.464161][ T5785] veth1_vlan: entered promiscuous mode
[   87.476789][ T5797] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.486081][ T5797] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.495306][ T5797] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.505231][ T5797] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.522020][ T5787] veth1_macvtap: entered promiscuous mode
[   87.563171][ T5786] veth0_macvtap: entered promiscuous mode
[   87.598298][ T5786] veth1_macvtap: entered promiscuous mode
[   87.616497][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.632658][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.644938][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0
[   87.671584][ T5785] veth0_macvtap: entered promiscuous mode
[   87.682161][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.694561][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.706220][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1
[   87.717646][ T5787] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.726874][ T5787] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.736510][ T5787] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.745339][ T5787] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.774753][ T5785] veth1_macvtap: entered promiscuous mode
[   87.798428][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.817521][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.827610][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.838115][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.850150][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0
[   87.885755][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.897440][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.908158][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.918856][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.931821][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1
[   87.963729][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.975022][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.991176][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   88.001960][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.011924][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   88.022694][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.034027][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.048476][   T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.057832][   T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.075920][ T5786] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.085073][ T5786] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.094282][ T5786] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.103100][ T5786] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.125907][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   88.139590][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.150891][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   88.161422][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.171987][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   88.182553][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   88.194176][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.231827][ T5785] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.240699][ T5785] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.252941][ T5785] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.262092][ T5785] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.290818][ T2946] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.298678][ T2946] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.363506][ T2946] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.377034][ T2946] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.466681][ T2946] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.483397][ T2946] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.568368][  T993] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.597952][  T993] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.632628][   T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.717970][   T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.828321][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.858826][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.129315][ T5795] Bluetooth: hci3: command tx timeout
[   89.136765][ T5795] Bluetooth: hci2: command tx timeout
[   89.144431][ T5795] Bluetooth: hci0: command tx timeout
[   89.150345][ T5789] Bluetooth: hci1: command tx timeout
[   89.522922][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.544349][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.119104][ T5896] IPVS: sed: FWM 3 0x00000003 - no destination available
[   90.127517][    C0] IPVS: sed: FWM 3 0x00000003 - no destination available
[   90.148989][ T5847] IPVS: starting estimator thread 0...
[   90.285218][ T5897] IPVS: using max 17 ests per chain, 40800 per kthread
[   90.650803][ T5901] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   90.769430][ T5893] syz.2.3[5893]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   90.807406][ T5893] loop2: detected capacity change from 0 to 512
[   90.907634][ T5893] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   91.171663][   T51] Bluetooth: hci0: command tx timeout
[   91.177145][   T51] Bluetooth: hci1: command tx timeout
[   91.183075][ T5795] Bluetooth: hci2: command tx timeout
[   91.188555][ T5789] Bluetooth: hci3: command tx timeout
[   91.201567][ T5893] EXT4-fs error (device loop2): ext4_xattr_inode_iget:449: comm syz.2.3: error while reading EA inode 32 err=-116
[   91.291037][ T5912] netlink: 'syz.1.8': attribute type 10 has an invalid length.
[   91.298860][ T5912] netlink: 40 bytes leftover after parsing attributes in process `syz.1.8'.
[   91.333962][ T5912] batman_adv: batadv0: Adding interface: virt_wifi0
[   91.340887][ T5912] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.367440][ T5912] batman_adv: batadv0: Interface activated: virt_wifi0
[   91.814203][ T5893] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   91.850871][ T5893] EXT4-fs error (device loop2): ext4_xattr_inode_iget:449: comm syz.2.3: error while reading EA inode 32 err=-116
[   91.922429][ T5893] EXT4-fs (loop2): 1 orphan inode deleted
[   91.949885][ T5893] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.955672][ T5924] raw_sendmsg: syz.3.12 forgot to set AF_INET. Fix it!
[   93.447764][ T5929] gfs2: not a GFS2 filesystem
[   93.786405][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.530761][ T5931] loop5: detected capacity change from 0 to 7
[   94.561730][ T5800] Dev loop5: unable to read RDB block 7
[   94.567514][ T5800]  loop5: unable to read partition table
[   94.607278][ T5800] loop5: partition table beyond EOD, truncated
[   94.649128][ T5931] Dev loop5: unable to read RDB block 7
[   94.673933][ T5931]  loop5: unable to read partition table
[   94.721071][ T5931] loop5: partition table beyond EOD, truncated
[   94.780819][ T5931] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5)
[   94.947779][ T5942] loop0: detected capacity change from 0 to 512
[   95.039594][ T5942] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   95.696971][ T5954] loop2: detected capacity change from 0 to 512
[   95.885623][ T5954] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   95.896411][ T5954] EXT4-fs (loop2): orphan cleanup on readonly fs
[   95.904960][ T5954] Quota error (device loop2): v2_read_file_info: Block with free entry 4294967071 out of range (1, 6).
[   95.916979][ T5954] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   95.958110][ T5942] EXT4-fs (loop0): 1 orphan inode deleted
[   96.037107][ T5942] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.075991][ T3532] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   96.077587][ T5954] EXT4-fs (loop2): Cannot turn on quotas: error -117
[   96.105435][ T5942] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.117221][ T5954] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.22: bg 0: block 40: padding at end of block bitmap is not set
[   96.180343][ T5954] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6637: Corrupt filesystem
[   96.190213][ T3532] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u4:9: Failed to release dquot type 1
[   96.203430][ T5954] EXT4-fs (loop2): 1 truncate cleaned up
[   96.210792][ T5954] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   96.363556][ T5963] Zero length message leads to an empty skb
[   96.456878][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.711487][ T5967] tmpfs: Unknown parameter 'fsuuid'
[   97.491230][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.511932][ T5970] netlink: 20 bytes leftover after parsing attributes in process `syz.1.26'.
[   97.825531][ T5973] netlink: 4 bytes leftover after parsing attributes in process `syz.3.28'.
[   98.823397][ T5978] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   98.932901][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   99.034659][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   99.606649][ T5982] loop2: detected capacity change from 0 to 128
[   99.714864][ T5982] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   99.789944][ T5982] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.089654][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  100.468405][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  100.675865][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  100.686458][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  102.609355][    C1] sched: RT throttling activated
[  103.237882][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  103.246562][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  103.465049][ T5785] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  103.583351][ T6004] loop0: detected capacity change from 0 to 4096
[  104.389575][ T6010] loop3: detected capacity change from 0 to 164
[  104.410498][ T6010] =======================================================
[  104.410498][ T6010] WARNING: The mand mount option has been deprecated and
[  104.410498][ T6010]          and is ignored by this kernel. Remove the mand
[  104.410498][ T6010]          option from the mount to silence this warning.
[  104.410498][ T6010] =======================================================
[  104.577762][ T6010] Unable to read rock-ridge attributes
[  104.699632][ T6004] EXT4-fs (loop0): Test dummy encryption mode enabled
[  104.790734][ T6004] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.814652][ T6017] warning: `syz.2.37' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  105.181325][ T6004] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  105.269759][ T6024] loop3: detected capacity change from 0 to 8192
[  105.481899][   T28] audit: type=1800 audit(1763296161.057:2): pid=6028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.38" name="file2" dev="loop3" ino=1048594 res=0 errno=0
[  106.377570][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.735353][ T6037] loop0: detected capacity change from 0 to 512
[  106.767951][ T6037] EXT4-fs: Ignoring removed oldalloc option
[  106.800209][ T6037] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  106.916098][ T6037] EXT4-fs (loop0): 1 truncate cleaned up
[  106.941329][ T6037] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.840154][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.961067][ T6054] 9pnet_fd: Insufficient options for proto=fd
[  110.039584][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  110.048166][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  110.304654][ T6067] loop0: detected capacity change from 0 to 64
[  110.367093][ T6067] hfs: get root inode failed
[  112.017210][ T6070] loop3: detected capacity change from 0 to 8
[  112.510465][ T6075] input: syz0 as /devices/virtual/input/input5
[  121.844958][ T6122] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_team, syncid = 0, id = 0
[  123.175959][ T6139] netlink: 'syz.3.64': attribute type 6 has an invalid length.
[  124.689510][  T788] IPVS: starting estimator thread 0...
[  124.793247][ T6151] loop3: detected capacity change from 0 to 512
[  124.799888][ T6147] IPVS: using max 18 ests per chain, 43200 per kthread
[  124.822367][ T6151] EXT4-fs: mb_optimize_scan should be set to 0 or 1.
[  124.891381][ T6153] loop1: detected capacity change from 0 to 1024
[  125.655950][ T6153] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.115334][ T6162] loop3: detected capacity change from 0 to 512
[  126.149123][ T6162] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  126.764874][ T5797] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.097225][ T6167] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  127.651960][ T6172] loop1: detected capacity change from 0 to 4096
[  127.816718][ T6172] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing.
[  127.825907][ T6172] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  127.839299][ T6172] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  128.496894][ T6172] ntfs: volume version 3.1.
[  128.870854][ T6172] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  128.882118][ T6172] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  128.893543][ T6172] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated.  Mounting read-only.  Run chkdsk.
[  129.626333][ T6180] hub 1-0:1.0: USB hub found
[  129.633487][ T6180] hub 1-0:1.0: 1 port detected
[  131.867978][ T6189] loop2: detected capacity change from 0 to 256
[  131.980512][ T6189] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[  132.029115][ T6189] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  132.969382][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  132.976457][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  133.500701][ T6202] loop3: detected capacity change from 0 to 16
[  134.763915][ T6202] erofs: (device loop3): mounted with root inode @ nid 36.
[  139.875323][ T6231] loop3: detected capacity change from 0 to 2048
[  139.926092][ T6231] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  139.952864][ T6231] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  139.967447][ T6231] UDF-fs: error (device loop3): udf_read_inode: (ino 1376) failed !bh
[  139.977289][ T6231] UDF-fs: error (device loop3): udf_fill_super: Error in udf_iget, block=64, partition=0
[  140.343896][ T6230] netlink: 104 bytes leftover after parsing attributes in process `syz.2.90'.
[  140.607252][ T6236] loop2: detected capacity change from 0 to 1024
[  140.914188][ T6236] input: syz1 as /devices/virtual/input/input6
[  141.284016][ T6244] loop3: detected capacity change from 0 to 16
[  143.145053][ T6244] erofs: (device loop3): mounted with root inode @ nid 36.
[  143.202608][ T6244] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  143.212643][ T6244] erofs: (device loop3): z_erofs_readahead: readahead error at folio 2 @ nid 89
[  143.221909][ T6244] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  143.231603][ T6244] erofs: (device loop3): z_erofs_readahead: readahead error at folio 1 @ nid 89
[  143.240886][ T6244] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  143.295092][ T6244] erofs: (device loop3): z_erofs_readahead: readahead error at folio 0 @ nid 89
[  143.304751][ T6244] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  143.314449][ T6244] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  143.324221][ T6244] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 0 of nid 89
[  143.444419][   T28] audit: type=1800 audit(1763296198.917:3): pid=6244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.93" name="file2" dev="loop3" ino=89 res=0 errno=0
[  144.034069][ T6244] syz.3.93 (6244) used greatest stack depth: 20744 bytes left
[  146.176028][   T12] hfsplus: b-tree write err: -5, ino 4
[  147.410539][ T6275] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  150.445334][ T6290] overlayfs: failed to clone upperpath
[  152.436734][ T6304] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  154.242170][ T6321] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  154.525519][ T6327] netlink: 16 bytes leftover after parsing attributes in process `syz.3.111'.
[  155.043745][ T6329] process 'syz.0.112' launched '/dev/fd/7' with NULL argv: empty string added
[  168.081908][ T5795] Bluetooth: hci3: link tx timeout
[  168.088504][ T5795] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  168.102747][ T6417] xt_CT: You must specify a L4 protocol and not use inversions on it
[  168.673953][ T6430] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  168.696487][ T6430] xt_TCPMSS: Only works on TCP SYN packets
[  170.322472][ T5789] Bluetooth: hci3: command 0x0406 tx timeout
[  171.683418][ T6453] netlink: 104 bytes leftover after parsing attributes in process `syz.1.141'.
[  176.713590][ T6502] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  177.096259][ T6502] SET target dimension over the limit!
[  177.131443][ T6503] o2cb: This node has not been configured.
[  177.137576][ T6503] o2cb: Cluster check failed. Fix errors before retrying.
[  177.144981][ T6503] (syz.2.157,6503,1):user_dlm_register:674 ERROR: status = -22
[  177.152728][ T6503] (syz.2.157,6503,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[  179.583252][ T6516] No such timeout policy "syz1"
[  180.188138][ T6517] veth0_to_team: entered promiscuous mode
[  181.200358][ T5860] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  181.454830][ T6538] dummy0: entered allmulticast mode
[  181.469785][ T6537] dummy0: left allmulticast mode
[  181.469843][ T5860] usb 2-1: unable to get BOS descriptor or descriptor too short
[  181.509884][ T5860] usb 2-1: config 1 interface 1 has no altsetting 0
[  181.535543][ T5860] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  181.563404][ T5860] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.576114][ T5860] usb 2-1: Product: syz
[  181.585569][ T5860] usb 2-1: Manufacturer: syz
[  181.591273][ T5860] usb 2-1: SerialNumber: syz
[  181.922852][ T6547] hub 1-0:1.0: USB hub found
[  181.929505][ T6547] hub 1-0:1.0: 1 port detected
[  186.733694][ T5860] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  186.979277][ T6523] syz.1.162 (6523) used greatest stack depth: 20456 bytes left
[  187.354736][ T5860] usb 2-1: USB disconnect, device number 2
[  187.545352][ T6561] udevd[6561]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  187.913546][ T6573] virtio-fs: tag </dev/md0> not found
[  188.984481][ T6585] vxcan3: entered promiscuous mode
[  189.027782][ T6585] vxcan3: entered allmulticast mode
[  189.536055][ T6594] overlayfs: failed to resolve './bus': -2
[  190.430138][ T6585] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  191.024799][ T6606] xt_TPROXY: Can be used only with -p tcp or -p udp
[  191.712558][ T6612] netlink: 176 bytes leftover after parsing attributes in process `syz.0.181'.
[  194.406728][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  194.414367][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  199.015692][ T6696] ªªªªªª: renamed from wg2 (while UP)
[  203.120069][ T6721] dccp_check_seqno: Step 6 failed for RESET packet, (LSWL(134393064422435) <= P.seqno(0) <= S.SWH(134393064422509)) and (P.ackno exists or LAWL(205310204569000) <= P.ackno(205310204569001) <= S.AWH(205310204569001), sending SYNC...
[  206.170206][ T6757] 9pnet_fd: Insufficient options for proto=fd
[  206.681570][ T6770] loop5: detected capacity change from 0 to 7
[  206.699629][ T6770] Dev loop5: unable to read RDB block 7
[  206.723559][ T6770]  loop5: unable to read partition table
[  206.770156][ T6770] loop5: partition table beyond EOD, truncated
[  206.829243][ T6770] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5)
[  207.423362][ T5847] libceph: connect (1)[c::]:6789 error -101
[  207.430380][ T5847] libceph: mon0 (1)[c::]:6789 connect error
[  207.719622][ T6802] wlan0 speed is unknown, defaulting to 1000
[  207.726293][ T6802] wlan0 speed is unknown, defaulting to 1000
[  207.748945][ T6802] wlan0 speed is unknown, defaulting to 1000
[  207.786200][ T6802] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  207.840357][ T6802] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  208.240669][ T5847] libceph: connect (1)[c::]:6789 error -101
[  208.246771][ T5847] libceph: mon0 (1)[c::]:6789 connect error
[  208.252678][ T6802] wlan0 speed is unknown, defaulting to 1000
[  208.255832][ T6802] wlan0 speed is unknown, defaulting to 1000
[  208.267342][ T6802] wlan0 speed is unknown, defaulting to 1000
[  208.274916][ T6802] wlan0 speed is unknown, defaulting to 1000
[  208.359713][ T6796] ceph: No mds server is up or the cluster is laggy
[  210.351432][ T6818] ªªªªªª: renamed from wg2 (while UP)
[  212.098888][ T6851] 8021q: adding VLAN 0 to HW filter on device bond1
[  213.763509][ T6853] bond_slave_0: entered promiscuous mode
[  213.769614][ T6853] bond_slave_1: entered promiscuous mode
[  213.800398][ T6853] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  213.837533][ T6853] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  213.890543][ T6855] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  214.802937][ T6872] ipvlan2: entered promiscuous mode
[  222.315663][ T6916] vcan0: tx drop: invalid da for name 0x0000000000000003
[  227.691028][ T6956] netlink: 4 bytes leftover after parsing attributes in process `syz.2.253'.
[  228.003727][ T6956] veth0_macvtap: left promiscuous mode
[  230.548146][ T6965] 9pnet_fd: Insufficient options for proto=fd
[  232.905232][ T6983] netlink: 24 bytes leftover after parsing attributes in process `syz.2.268'.
[  236.712635][ T7027] netlink: 76 bytes leftover after parsing attributes in process `syz.0.269'.
[  236.998381][ T7033] netlink: 28 bytes leftover after parsing attributes in process `syz.1.275'.
[  240.165120][ T7052] netlink: 16 bytes leftover after parsing attributes in process `syz.2.280'.
[  243.517000][ T7078] netlink: 'syz.3.288': attribute type 24 has an invalid length.
[  243.531065][ T7078] netlink: 8 bytes leftover after parsing attributes in process `syz.3.288'.
[  243.549496][ T7078] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[  245.092642][ T7084] loop1: detected capacity change from 0 to 32768
[  249.390921][ T7101] netlink: 76 bytes leftover after parsing attributes in process `syz.3.291'.
[  249.992990][ T7113] netlink: 'syz.1.293': attribute type 10 has an invalid length.
[  252.548632][ T7137] netlink: 16 bytes leftover after parsing attributes in process `syz.1.295'.
[  256.129777][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  256.136160][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  258.409424][ T7190] netlink: 'syz.0.311': attribute type 1 has an invalid length.
[  261.172913][ T7209] netlink: 4 bytes leftover after parsing attributes in process `syz.3.318'.
[  261.740792][ T7209] veth0_macvtap: left promiscuous mode
[  261.977649][ T7216] loop1: detected capacity change from 0 to 64
[  261.992494][ T7216] hfs: get root inode failed
[  262.065473][ T7156] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  264.228235][ T7232] ceph: No mds server is up or the cluster is laggy
[  264.236858][ T5878] libceph: connect (1)[c::]:6789 error -101
[  264.243261][ T5878] libceph: mon0 (1)[c::]:6789 connect error
[  266.659671][ T7254] wlan0 speed is unknown, defaulting to 1000
[  267.350529][ T7260] netlink: 'syz.1.332': attribute type 1 has an invalid length.
[  268.375126][ T7264] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  268.500481][ T7264] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  268.633731][ T7267] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  268.645430][ T7267] batman_adv: batadv0: Adding interface: ip6gretap1
[  268.652112][ T7267] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.677744][ T7267] batman_adv: batadv0: Interface activated: ip6gretap1
[  268.934548][ T7260] bond2: (slave bridge1): Enslaving as an active interface with a down link
[  269.392377][ T7260] bond2: (slave gretap1): making interface the new active one
[  269.403870][ T7260] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  269.425045][ T7264] macvlan3: entered promiscuous mode
[  269.449638][ T7264] macvlan3: entered allmulticast mode
[  269.904966][ T7264] bond2: entered promiscuous mode
[  270.053212][ T7264] gretap1: entered promiscuous mode
[  270.107814][ T7264] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  270.191863][ T7264] bond2: (slave macvlan3): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  270.240705][ T7264] bond2: left promiscuous mode
[  270.245554][ T7264] gretap1: left promiscuous mode
[  270.378124][ T7284] netlink: 28 bytes leftover after parsing attributes in process `syz.2.340'.
[  270.984459][ T7260] syz.1.332 (7260) used greatest stack depth: 20272 bytes left
[  270.992244][ T7264] syz.1.332 (7264) used greatest stack depth: 19024 bytes left
[  272.410290][ T7311] netlink: 20 bytes leftover after parsing attributes in process `syz.3.346'.
[  272.419338][ T7311] netlink: 12 bytes leftover after parsing attributes in process `syz.3.346'.
[  274.544472][ T7317] wlan0 speed is unknown, defaulting to 1000
[  279.836419][ T7373] ceph: No source
[  279.846692][ T7373] kAFS: unable to lookup cell '\/'
[  280.902276][ T7384] netlink: 4 bytes leftover after parsing attributes in process `syz.1.367'.
[  283.974941][ T7406] ceph: No mds server is up or the cluster is laggy
[  283.982154][   T23] libceph: connect (1)[c::]:6789 error -101
[  283.999904][   T23] libceph: mon0 (1)[c::]:6789 connect error
[  287.893108][ T7418] wlan0 speed is unknown, defaulting to 1000
[  287.930804][ T7449] lo speed is unknown, defaulting to 1000
[  287.936641][ T7449] lo speed is unknown, defaulting to 1000
[  287.943174][ T7449] lo speed is unknown, defaulting to 1000
[  287.956548][ T7449] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  287.988092][ T7449] lo speed is unknown, defaulting to 1000
[  287.995960][ T7449] lo speed is unknown, defaulting to 1000
[  288.003479][ T7449] lo speed is unknown, defaulting to 1000
[  288.011500][ T7449] lo speed is unknown, defaulting to 1000
[  288.018509][ T7449] lo speed is unknown, defaulting to 1000
[  288.987832][ T7465] autofs4:pid:7465:autofs_fill_super: called with bogus options
[  298.421739][ T7547] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  298.431020][ T7547] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  298.440137][ T7547] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  298.449211][ T7547] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  298.459180][ T7547] geneve2: entered promiscuous mode
[  298.464787][ T7547] geneve2: entered allmulticast mode
[  303.484524][ T7559] ptrace attach of ""[7560] was attempted by "./syz-executor exec"[7559]
[  307.370121][ T7581] ceph: No source
[  307.379167][ T7581] kAFS: unable to lookup cell '\/'
[  307.671885][ T7584] autofs4:pid:7584:autofs_fill_super: called with bogus options
[  308.362442][ T7588] wlan0 speed is unknown, defaulting to 1000
[  308.372382][ T7595] xt_CT: You must specify a L4 protocol and not use inversions on it
[  308.470392][ T7588] lo speed is unknown, defaulting to 1000
[  308.548278][ T7597] overlayfs: failed to clone upperpath
[  312.718019][ T5789] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  312.777193][ T5789] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  312.795053][ T5789] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  312.807260][ T5789] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  312.815438][ T5789] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  312.823627][ T5789] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  312.897681][ T7625] wlan0 speed is unknown, defaulting to 1000
[  312.905794][ T7625] lo speed is unknown, defaulting to 1000
[  313.008912][ T5795] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  313.018403][ T5795] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  313.034676][ T5795] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  313.076514][ T5795] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  313.090888][ T5795] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  313.099427][ T5795] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  313.242628][ T7640] overlayfs: failed to clone lowerpath
[  313.364055][ T7639] overlayfs: failed to clone lowerpath
[  313.405321][ T7618] wlan0 speed is unknown, defaulting to 1000
[  313.418817][ T7618] lo speed is unknown, defaulting to 1000
[  314.576722][ T7618] chnl_net:caif_netlink_parms(): no params data found
[  314.988751][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.221135][ T5795] Bluetooth: hci4: command tx timeout
[  317.640061][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  318.641501][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  319.035642][ T5795] Bluetooth: hci4: command tx timeout
[  319.436838][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.937333][ T7685] autofs4:pid:7685:autofs_fill_super: called with bogus options
[  320.527118][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.603984][ T7618] bridge0: port 1(bridge_slave_0) entered blocking state
[  320.611555][ T7618] bridge0: port 1(bridge_slave_0) entered disabled state
[  320.618887][ T7618] bridge_slave_0: entered allmulticast mode
[  320.630691][ T7618] bridge_slave_0: entered promiscuous mode
[  320.660144][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.677830][ T7618] bridge0: port 2(bridge_slave_1) entered blocking state
[  320.687304][ T7618] bridge0: port 2(bridge_slave_1) entered disabled state
[  320.694778][ T7618] bridge_slave_1: entered allmulticast mode
[  320.702431][ T7618] bridge_slave_1: entered promiscuous mode
[  320.740240][ T7618] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  320.753786][ T7618] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  320.797337][ T7618] team0: Port device team_slave_0 added
[  320.807345][ T7618] team0: Port device team_slave_1 added
[  320.856468][ T7618] batman_adv: batadv0: Adding interface: batadv_slave_0
[  320.863759][ T7618] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.892015][ T7618] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  320.920648][ T7618] batman_adv: batadv0: Adding interface: batadv_slave_1
[  320.927646][ T7618] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  320.954005][ T7618] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  321.023170][ T7618] hsr_slave_0: entered promiscuous mode
[  321.030244][ T7618] hsr_slave_1: entered promiscuous mode
[  321.036706][ T7618] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  321.045368][ T7618] Cannot create hsr debugfs directory
[  321.099559][ T5789] Bluetooth: hci4: command tx timeout
[  321.589857][ T7618] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  321.601900][ T7618] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  321.615978][ T7618] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  321.655271][ T7618] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  321.850878][ T7618] 8021q: adding VLAN 0 to HW filter on device bond0
[  321.888911][ T7618] 8021q: adding VLAN 0 to HW filter on device team0
[  321.953381][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.961404][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  322.023185][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.030483][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  322.136179][ T7618] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  322.431538][   T12] hsr_slave_0: left promiscuous mode
[  322.449918][   T12] hsr_slave_1: left promiscuous mode
[  322.456295][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  322.466257][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  322.474809][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  322.482356][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  322.491708][   T12] bridge_slave_1: left allmulticast mode
[  322.497379][   T12] bridge_slave_1: left promiscuous mode
[  322.505057][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.517705][   T12] bridge_slave_0: left allmulticast mode
[  322.523845][   T12] bridge_slave_0: left promiscuous mode
[  322.531179][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.562269][   T12] veth1_macvtap: left promiscuous mode
[  322.568234][   T12] veth1_vlan: left promiscuous mode
[  322.574242][   T12] veth0_vlan: left promiscuous mode
[  322.697868][ T5878] infiniband syz2: ib_query_port failed (-19)
[  323.110302][   T12] team0 (unregistering): Port device team_slave_1 removed
[  323.151660][   T12] team0 (unregistering): Port device team_slave_0 removed
[  323.179695][ T5789] Bluetooth: hci4: command tx timeout
[  323.198113][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  323.244514][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  323.698759][   T12] bond0 (unregistering): Released all slaves
[  323.884406][ T7618] 8021q: adding VLAN 0 to HW filter on device batadv0
[  324.228043][   T12] IPVS: stop unused estimator thread 0...
[  324.357275][ T7618] veth0_vlan: entered promiscuous mode
[  324.377000][ T7618] veth1_vlan: entered promiscuous mode
[  324.422338][ T7618] veth0_macvtap: entered promiscuous mode
[  324.438686][ T7618] veth1_macvtap: entered promiscuous mode
[  324.475405][ T7618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.485982][ T7618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.503546][ T7618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.517041][ T7618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.530445][ T7618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  324.546325][ T7618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.564008][ T7618] batman_adv: batadv0: Interface activated: batadv_slave_0
[  324.577704][ T7618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  324.592029][ T7618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.602197][ T7618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  324.612967][ T7618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.623672][ T7618] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  324.634304][ T7618] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  324.645520][ T7618] batman_adv: batadv0: Interface activated: batadv_slave_1
[  324.680847][ T7618] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  324.697902][ T7618] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  324.707227][ T7618] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  324.716256][ T7618] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  324.827166][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.843570][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  324.895825][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  324.907046][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  325.361595][ T7770] overlayfs: failed to clone lowerpath
[  325.380945][ T7769] netlink: 8 bytes leftover after parsing attributes in process `syz.0.445'.
[  325.663287][ T7773] overlayfs: failed to clone lowerpath
[  331.772321][ T7813] ceph: No source
[  331.779461][ T7813] kAFS: unable to lookup cell '\/'
[  333.429692][ T5789] Bluetooth: hci4: unexpected Set CIG Parameters response data
[  333.630183][ T7834] overlayfs: failed to clone lowerpath
[  334.187992][ T7834] overlayfs: failed to clone lowerpath
[  336.171940][ T7855] loop4: detected capacity change from 0 to 1024
[  337.109887][ T7855] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  337.491827][ T5789] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  337.585794][ T7874] Bluetooth: MGMT ver 1.22
[  337.605231][ T5789] Bluetooth: hci4: Injecting HCI hardware error event
[  337.618560][ T5795] Bluetooth: hci4: hardware error 0x00
[  339.313063][ T7618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.928195][ T5795] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  340.065210][   T23] IPVS: starting estimator thread 0...
[  340.407338][ T7902] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  340.416315][ T7902] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  340.425174][ T7902] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  340.434025][ T7902] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  340.442969][ T7902] geneve2: entered promiscuous mode
[  340.448205][ T7902] geneve2: entered allmulticast mode
[  340.559374][ T7899] IPVS: using max 16 ests per chain, 38400 per kthread
[  340.881412][ T7913] loop4: detected capacity change from 0 to 1024
[  340.897721][ T7913] EXT4-fs: Ignoring removed orlov option
[  340.938596][ T7913] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  341.135698][ T7921] xt_CT: You must specify a L4 protocol and not use inversions on it
[  345.638238][ T7618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.698018][ T7971] netlink: 'syz.3.479': attribute type 4 has an invalid length.
[  347.764654][ T7972] netlink: 'syz.3.479': attribute type 17 has an invalid length.
[  348.629669][ T7983] loop4: detected capacity change from 0 to 764
[  348.685060][ T7983] rock: directory entry would overflow storage
[  348.700892][ T7983] rock: sig=0x4654, size=5, remaining=4
[  349.205669][ T7991] isofs: Unable to find the ".." directory for NFS.
[  351.141171][ T8012] xt_CT: You must specify a L4 protocol and not use inversions on it
[  354.102393][   T28] audit: type=1800 audit(1763296409.687:4): pid=8051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.494" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  354.102954][ T8051] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  354.132541][ T8051] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  354.142263][ T8051] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  362.296606][ T8105] overlayfs: failed to clone upperpath
[  362.558190][ T8101] ceph: No mds server is up or the cluster is laggy
[  363.190284][ T8135] 9pnet_virtio: no channels available for device syz
[  369.657970][ T8197] Can't find a SQUASHFS superblock on nullb0
[  371.976652][ T8211] hub 1-0:1.0: USB hub found
[  371.983200][ T8211] hub 1-0:1.0: 1 port detected
[  373.543161][ T8224] loop4: detected capacity change from 0 to 4096
[  373.573900][ T8224] EXT4-fs (loop4): Test dummy encryption mode enabled
[  373.613433][ T8224] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  373.716295][   T28] audit: type=1326 audit(1763296429.297:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.3.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf7d78f6c9 code=0x7fc00000
[  373.876025][   T28] audit: type=1326 audit(1763296429.457:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.3.524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf7d78f6c9 code=0x7fc00000
[  374.923487][ T7618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.234109][ T8249] fuse: Bad value for 'fd'
[  378.693186][ T8278] xt_l2tp: missing protocol rule (udp|l2tpip)
[  378.699629][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  378.699781][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  380.330818][ T8298] (null): rxe_set_mtu: Set mtu to 1024
[  380.736534][ T8298] infiniband syz2: set active
[  380.741660][ T8298] infiniband syz2: added syz_tun
[  380.748513][ T8298] syz2: rxe_create_cq: returned err = -12
[  380.754742][ T8298] infiniband syz2: Couldn't create ib_mad CQ
[  380.761021][ T8298] infiniband syz2: Couldn't open port 1
[  380.795490][ T8298] RDS/IB: syz2: added
[  380.800426][ T8298] smc: adding ib device syz2 with port count 1
[  380.806854][ T8298] smc:    ib device syz2 port 1 has pnetid 
[  382.115303][   T28] audit: type=1326 audit(1763296437.697:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.4.536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabb98f6c9 code=0x7fc00000
[  385.245983][ T8346] "syz.1.552" (8346) uses obsolete ecb(arc4) skcipher
[  385.271063][ T8346] trusted_key: syz.1.552 sent an empty control message without MSG_MORE.
[  388.223628][  T968] IPVS: starting estimator thread 0...
[  388.483663][ T8381] IPVS: using max 19 ests per chain, 45600 per kthread
[  392.751267][ T8432] "syz.3.561" (8432) uses obsolete ecb(arc4) skcipher
[  393.944615][ T8446] syz.4.566: attempt to access beyond end of device
[  393.944615][ T8446] loop4: rw=0, sector=0, nr_sectors = 1 limit=0
[  396.605124][ T8468] overlayfs: failed to clone upperpath
[  397.752423][ T8488] netlink: 8 bytes leftover after parsing attributes in process `syz.3.574'.
[  397.920117][ T8486] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  397.930334][ T8486] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  397.940245][ T8486] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  397.959274][   T28] audit: type=1800 audit(1763296453.507:8): pid=8486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.572" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  398.505429][ T8494] loop4: detected capacity change from 0 to 764
[  402.316453][ T8544] block device autoloading is deprecated and will be removed.
[  404.451379][ T8563] capability: warning: `syz.3.589' uses deprecated v2 capabilities in a way that may be insecure
[  405.939779][ T8570] netlink: 'syz.3.592': attribute type 5 has an invalid length.
[  406.518749][ T8572] netlink: 'syz.0.593': attribute type 6 has an invalid length.
[  406.574023][ T8572] Invalid option length (65058) for dns_resolver key
[  408.150771][ T8595] 9pnet_fd: Insufficient options for proto=fd
[  409.732547][ T8629] loop4: detected capacity change from 0 to 512
[  409.771262][ T8629] EXT4-fs: Ignoring removed mblk_io_submit option
[  409.789401][ T8629] EXT4-fs: inline encryption not supported
[  409.795322][ T8629] EXT4-fs: Ignoring removed mblk_io_submit option
[  409.824284][ T8629] EXT4-fs (loop4): Test dummy encryption mode enabled
[  409.850007][ T8629] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  409.888570][ T8629] EXT4-fs (loop4): 1 truncate cleaned up
[  409.901561][ T8629] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  410.270628][ T8635] netlink: 'syz.0.607': attribute type 1 has an invalid length.
[  410.304168][ T7618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.415321][ T8635] 8021q: adding VLAN 0 to HW filter on device bond1
[  410.617078][ T8637] 8021q: adding VLAN 0 to HW filter on device bond1
[  410.648591][ T8637] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  410.702631][ T8637] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  410.855640][ T8638] ip6erspan0: entered promiscuous mode
[  410.882262][ T8638] bond1: (slave ip6erspan0): making interface the new active one
[  410.905524][ T8638] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  410.937942][ T8641] macvlan2: entered promiscuous mode
[  410.977836][ T8641] bond1: entered promiscuous mode
[  410.993860][ T8641] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  411.015787][ T8641] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of ip6erspan0
[  411.071445][ T8641] bond1: left promiscuous mode
[  411.158911][ T8652] bridge0: port 2(bridge_slave_1) entered disabled state
[  411.167614][ T8652] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.686730][ T8728] loop4: detected capacity change from 0 to 2048
[  418.725826][ T8728] NILFS (loop4): invalid segment: Magic number mismatch
[  418.733834][ T8728] NILFS (loop4): trying rollback from an earlier position
[  418.781639][ T8728] NILFS (loop4): recovery complete
[  418.798522][ T8733] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  420.241743][ T8750] overlayfs: failed to clone upperpath
[  420.746352][ T8761] 9pnet_fd: Insufficient options for proto=fd
[  425.223292][ T8795] 9pnet_fd: Insufficient options for proto=fd
[  425.896130][ T8807] loop4: detected capacity change from 0 to 256
[  434.037069][ T8863] loop4: detected capacity change from 0 to 128
[  434.980812][ T8869] ptrace attach of "./syz-executor exec"[5787] was attempted by "./syz-executor exec"[8869]
[  435.540166][ T8726] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  436.206416][ T8873] overlayfs: failed to clone upperpath
[  438.828564][ T8894] overlayfs: failed to clone upperpath
[  439.861143][ T8907] xt_l2tp: missing protocol rule (udp|l2tpip)
[  440.138018][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  440.144821][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  440.829577][ T8913] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  441.639635][ T8913] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  441.639635][ T8913]    program syz.4.684 not setting count and/or reply_len properly
[  442.365655][ T8932] netlink: 8 bytes leftover after parsing attributes in process `syz.4.688'.
[  444.988986][ T8941] bridge2: entered promiscuous mode
[  444.994883][ T8941] bridge2: entered allmulticast mode
[  447.055909][ T8975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.694'.
[  447.068519][ T8975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.694'.
[  447.080788][ T8975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.694'.
[  447.094866][ T8975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.694'.
[  447.104656][ T8975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.694'.
[  447.114737][ T8975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.694'.
[  447.126992][ T8975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.694'.
[  447.136024][ T8975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.694'.
[  447.144996][ T8975] netlink: 4 bytes leftover after parsing attributes in process `syz.4.694'.
[  447.422112][ T8981] overlayfs: failed to clone upperpath
[  450.206726][ T9011] __nla_validate_parse: 44 callbacks suppressed
[  450.206742][ T9011] netlink: 12 bytes leftover after parsing attributes in process `syz.3.704'.
[  450.236813][ T9011] netlink: 40 bytes leftover after parsing attributes in process `syz.3.704'.
[  450.401705][ T9018] xt_l2tp: missing protocol rule (udp|l2tpip)
[  451.753000][ T9030] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '
'
[  454.946030][ T9050] netlink: 8 bytes leftover after parsing attributes in process `syz.4.713'.
[  454.955207][ T9050] netlink: 12 bytes leftover after parsing attributes in process `syz.4.713'.
[  454.964295][ T9050] netlink: 'syz.4.713': attribute type 18 has an invalid length.
[  454.979660][ T9050] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  454.988944][ T9050] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  454.997928][ T9050] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  455.006732][ T9050] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  455.017821][ T9050] netlink: 8 bytes leftover after parsing attributes in process `syz.4.713'.
[  455.026710][ T9050] netlink: 12 bytes leftover after parsing attributes in process `syz.4.713'.
[  455.035820][ T9050] netlink: 'syz.4.713': attribute type 18 has an invalid length.
[  456.253502][ T9068] netlink: 3 bytes leftover after parsing attributes in process `syz.3.718'.
[  456.306796][ T9069] loop4: detected capacity change from 0 to 1024
[  456.632448][ T9068] batadv1: entered allmulticast mode
[  457.194710][   T12] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1
[  458.458003][ T9089] 9pnet_fd: Insufficient options for proto=fd
[  460.502361][ T9103] netlink: 8 bytes leftover after parsing attributes in process `syz.0.727'.
[  460.511428][ T9103] netlink: 12 bytes leftover after parsing attributes in process `syz.0.727'.
[  460.520566][ T9103] netlink: 'syz.0.727': attribute type 18 has an invalid length.
[  460.608094][ T9103] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  460.618710][ T9103] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  460.627737][ T9103] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  460.636518][ T9103] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  460.658564][ T9103] netlink: 8 bytes leftover after parsing attributes in process `syz.0.727'.
[  460.667673][ T9103] netlink: 12 bytes leftover after parsing attributes in process `syz.0.727'.
[  460.676816][ T9103] netlink: 'syz.0.727': attribute type 18 has an invalid length.
[  462.104356][ T9117] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  466.835199][ T9156] netlink: 8 bytes leftover after parsing attributes in process `syz.3.740'.
[  466.844207][ T9156] netlink: 12 bytes leftover after parsing attributes in process `syz.3.740'.
[  466.853535][ T9156] netlink: 'syz.3.740': attribute type 18 has an invalid length.
[  467.188506][ T9156] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  467.197311][ T9156] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  467.206066][ T9156] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  467.214849][ T9156] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  467.250694][ T9156] netlink: 8 bytes leftover after parsing attributes in process `syz.3.740'.
[  467.259766][ T9156] netlink: 12 bytes leftover after parsing attributes in process `syz.3.740'.
[  467.269411][ T9156] netlink: 'syz.3.740': attribute type 18 has an invalid length.
[  469.314876][ T9175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.745'.
[  469.325904][ T9175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.745'.
[  469.337394][ T9175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.745'.
[  469.346646][ T9175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.745'.
[  469.357453][ T9175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.745'.
[  469.369164][ T9175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.745'.
[  470.871747][ T9186] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  472.233117][ T9205] SET target dimension over the limit!
[  477.527741][ T9242] __nla_validate_parse: 45 callbacks suppressed
[  477.527758][ T9242] netlink: 12 bytes leftover after parsing attributes in process `syz.1.763'.
[  477.644685][ T9243] netlink: 40 bytes leftover after parsing attributes in process `syz.1.763'.
[  477.838684][ T9247] netlink: 755 bytes leftover after parsing attributes in process `syz.3.764'.
[  479.245270][ T9262] netlink: 16 bytes leftover after parsing attributes in process `syz.1.769'.
[  481.104126][ T9280] mmap: syz.0.772 (9280) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  481.495615][ T9285] loop4: detected capacity change from 0 to 1024
[  482.384223][   T28] audit: type=1804 audit(1763296537.507:9): pid=9288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.774" name="/newroot/77/file1/bus" dev="loop4" ino=26 res=1 errno=0
[  482.441897][ T9287] hfsplus: xattr searching failed
[  482.582902][  T993] hfsplus: b-tree write err: -5, ino 4
[  482.668536][ T9293] netlink: 8 bytes leftover after parsing attributes in process `syz.1.784'.
[  482.751028][ T9292] netlink: 188 bytes leftover after parsing attributes in process `syz.3.775'.
[  485.180396][ T9317] loop4: detected capacity change from 0 to 512
[  485.254951][ T9315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.781'.
[  485.265191][ T9315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.781'.
[  485.276345][ T9315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.781'.
[  485.286753][ T9315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.781'.
[  485.296224][ T9315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.781'.
[  485.306618][ T9315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.781'.
[  485.321741][ T9315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.781'.
[  485.333114][ T9315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.781'.
[  485.580125][ T9314] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  486.522845][ T9317] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  486.535523][ T9317] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  486.570599][ T9316] Quota error (device loop4): do_check_range: Getting block 83886080 out of range 0-5
[  486.618852][   T28] audit: type=1326 audit(1763296542.197:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9325 comm="syz.1.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146238f6c9 code=0x7ffc0000
[  487.139403][   T28] audit: type=1326 audit(1763296542.197:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9325 comm="syz.1.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146238f6c9 code=0x7ffc0000
[  488.437468][   T28] audit: type=1326 audit(1763296542.207:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9325 comm="syz.1.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f146238f6c9 code=0x7ffc0000
[  488.461665][   T28] audit: type=1326 audit(1763296542.207:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9325 comm="syz.1.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146238f6c9 code=0x7ffc0000
[  488.484556][   T28] audit: type=1326 audit(1763296542.207:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9325 comm="syz.1.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146238f6c9 code=0x7ffc0000
[  488.487967][ T7618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.508132][   T28] audit: type=1326 audit(1763296542.207:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9325 comm="syz.1.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f146238f6c9 code=0x7ffc0000
[  488.546676][   T28] audit: type=1326 audit(1763296542.207:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9325 comm="syz.1.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146238f6c9 code=0x7ffc0000
[  488.568961][   T28] audit: type=1326 audit(1763296542.207:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9325 comm="syz.1.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f146238f6c9 code=0x7ffc0000
[  488.671788][   T28] audit: type=1326 audit(1763296542.207:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9325 comm="syz.1.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146238f6c9 code=0x7ffc0000
[  488.718793][   T28] audit: type=1326 audit(1763296542.207:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9325 comm="syz.1.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f146238f6c9 code=0x7ffc0000
[  488.802735][   T28] audit: type=1326 audit(1763296542.207:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9325 comm="syz.1.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f146238f6c9 code=0x7ffc0000
[  489.306129][   T28] audit: type=1326 audit(1763296542.207:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9325 comm="syz.1.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f146238f703 code=0x7ffc0000
[  489.745156][ T9344] ptrace attach of "./syz-executor exec"[7618] was attempted by "./syz-executor exec"[9344]
[  490.572590][ T9350] loop4: detected capacity change from 0 to 1024
[  490.580225][ T9350] EXT4-fs: Ignoring removed nomblk_io_submit option
[  490.601901][ T9350] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  490.647894][ T9350] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  491.865603][ T9363] __nla_validate_parse: 40 callbacks suppressed
[  491.865622][ T9363] netlink: 4 bytes leftover after parsing attributes in process `syz.3.785'.
[  492.007258][ T7618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  494.280702][ T9379] overlayfs: failed to clone upperpath
[  494.537472][ T9389] netlink: 104 bytes leftover after parsing attributes in process `syz.0.802'.
[  497.292151][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.808'.
[  497.669495][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.808'.
[  497.679037][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.808'.
[  497.688208][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.808'.
[  497.697340][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.808'.
[  497.706635][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.808'.
[  497.715693][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.808'.
[  497.724670][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.808'.
[  497.733799][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.808'.
[  497.742806][ T9414] netlink: 4 bytes leftover after parsing attributes in process `syz.0.808'.
[  499.551136][ T9438] loop4: detected capacity change from 0 to 512
[  499.607354][ T9438] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  499.699575][ T9438] EXT4-fs (loop4): 1 truncate cleaned up
[  499.716999][ T9438] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  501.111295][ T7618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  501.592037][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  501.598820][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  502.728552][ T9480] loop4: detected capacity change from 0 to 512
[  502.748933][ T9480] FAT-fs (loop4): Unrecognized mount option "" or missing value
[  503.255697][ T9479] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  505.221555][ T9497] PKCS8: Unsupported PKCS#8 version
[  506.584369][ T9506] netlink: 'syz.1.831': attribute type 4 has an invalid length.
[  510.509234][   T28] kauditd_printk_skb: 34 callbacks suppressed
[  510.509249][   T28] audit: type=1800 audit(1763296566.077:56): pid=9524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.836" name="cpuacct.usage_percpu" dev="rootfs" ino=11250 res=0 errno=0
[  512.683802][ T9559] __nla_validate_parse: 43 callbacks suppressed
[  512.690666][ T9559] netlink: 292 bytes leftover after parsing attributes in process `syz.1.846'.
[  512.699969][ T9559] netlink: 144 bytes leftover after parsing attributes in process `syz.1.846'.
[  513.680768][ T9570] loop4: detected capacity change from 0 to 256
[  513.703783][ T9570] FAT-fs (loop4): Unrecognized mount option "ÿÿÿÿÿÿÿÿ" or missing value
[  519.523502][ T9599] syz.4.857 (9599) used greatest stack depth: 17960 bytes left
[  520.989597][ T9614] syz.0.859 uses obsolete (PF_INET,SOCK_PACKET)
[  522.051745][    C0] sl0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 20440 ms
[  522.060366][    C0] sl0: transmit timed out, driver error?
[  522.386761][ T9627] loop4: detected capacity change from 0 to 512
[  522.398620][ T9627] ext2: Unknown parameter 'permit_directio'
[  528.514167][ T9667] loop4: detected capacity change from 0 to 256
[  528.525679][ T9667] exfat: Deprecated parameter 'utf8'
[  528.531393][ T9667] exfat: Deprecated parameter 'utf8'
[  528.536854][ T9667] exfat: Deprecated parameter 'namecase'
[  528.577603][ T9667] exFAT-fs (loop4): error, The cluster chain has a loop
[  528.584881][ T9667] exFAT-fs (loop4): failed to count the number of clusters in root
[  528.592959][ T9667] exFAT-fs (loop4): failed to recognize exfat type
[  531.044821][   T28] audit: type=1326 audit(1763296586.627:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9685 comm="syz.4.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabb98f6c9 code=0x7ffc0000
[  531.417903][ T9687] loop4: detected capacity change from 0 to 40427
[  532.013125][ T9695] netlink: 68 bytes leftover after parsing attributes in process `syz.3.877'.
[  533.089470][   T28] audit: type=1326 audit(1763296586.647:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9685 comm="syz.4.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabb98f6c9 code=0x7ffc0000
[  533.194032][ T9687] F2FS-fs (loop4): invalid crc value
[  533.212175][ T9687] F2FS-fs (loop4): Found nat_bits in checkpoint
[  533.280435][   T28] audit: type=1326 audit(1763296586.657:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9685 comm="syz.4.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faabb98f6c9 code=0x7ffc0000
[  533.293311][ T9687] F2FS-fs (loop4): Start checkpoint disabled!
[  533.399074][ T9687] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  533.458182][   T28] audit: type=1326 audit(1763296586.657:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9685 comm="syz.4.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabb98f6c9 code=0x7ffc0000
[  533.533313][   T28] audit: type=1326 audit(1763296586.657:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9685 comm="syz.4.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabb98f6c9 code=0x7ffc0000
[  533.599309][   T28] audit: type=1326 audit(1763296586.657:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9685 comm="syz.4.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7faabb98f6c9 code=0x7ffc0000
[  533.778198][ T9705] Bluetooth: MGMT ver 1.22
[  533.886557][   T28] audit: type=1326 audit(1763296586.657:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9685 comm="syz.4.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabb98f6c9 code=0x7ffc0000
[  534.161382][   T28] audit: type=1326 audit(1763296586.657:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9685 comm="syz.4.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7faabb98f6c9 code=0x7ffc0000
[  534.435529][   T28] audit: type=1326 audit(1763296586.657:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9685 comm="syz.4.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabb98f6c9 code=0x7ffc0000
[  534.659094][   T28] audit: type=1326 audit(1763296586.657:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9685 comm="syz.4.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabb98f6c9 code=0x7ffc0000
[  536.893851][ T9711] (null): rxe_set_mtu: Set mtu to 1024
[  536.906596][ T9711] rdma_rxe: rxe_newlink: failed to add veth1_to_team
[  537.751308][   T62] kworker/u4:5: attempt to access beyond end of device
[  537.751308][   T62] loop4: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  537.768130][   T62] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  537.787576][   T62] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  537.891878][ T9720] netlink: 'syz.0.883': attribute type 4 has an invalid length.
[  538.540759][   T62] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  538.547789][   T62] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  539.530709][ T9734] netlink: 12 bytes leftover after parsing attributes in process `syz.1.893'.
[  541.172152][ T9747] netlink: 3 bytes leftover after parsing attributes in process `syz.0.891'.
[  541.363452][ T9747] batadv1: entered allmulticast mode
[  542.815416][   T28] kauditd_printk_skb: 29 callbacks suppressed
[  542.815431][   T28] audit: type=1326 audit(1763296598.397:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf7d78f6c9 code=0x7ffc0000
[  542.924255][ T9756] loop4: detected capacity change from 0 to 256
[  542.938139][ T9756] FAT-fs (loop4): Unrecognized mount option "uid=šÿÿÿÿÿÿÿÿ" or missing value
[  543.558228][   T28] audit: type=1326 audit(1763296598.427:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf7d78f6c9 code=0x7ffc0000
[  543.999273][ T9557] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  544.032029][   T28] audit: type=1326 audit(1763296599.577:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdf7d78f6c9 code=0x7ffc0000
[  544.055956][   T28] audit: type=1326 audit(1763296599.577:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf7d78f6c9 code=0x7ffc0000
[  544.091150][   T28] audit: type=1326 audit(1763296599.577:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf7d78f6c9 code=0x7ffc0000
[  544.619293][   T28] audit: type=1326 audit(1763296600.107:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fdf7d78f6c9 code=0x7ffc0000
[  544.727176][ T9764] netlink: 'syz.4.896': attribute type 4 has an invalid length.
[  545.357960][   T28] audit: type=1326 audit(1763296600.187:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf7d78f6c9 code=0x7ffc0000
[  545.659332][   T28] audit: type=1326 audit(1763296600.187:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf7d78f6c9 code=0x7ffc0000
[  545.698958][   T28] audit: type=1326 audit(1763296600.197:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdf7d78f6c9 code=0x7ffc0000
[  546.459336][   T28] audit: type=1326 audit(1763296600.197:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.3.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf7d78f6c9 code=0x7ffc0000
[  546.623974][ T9775] loop4: detected capacity change from 0 to 1024
[  546.645385][ T9775] EXT4-fs: Invalid want_extra_isize 7
[  546.740984][ T9778] netlink: 104 bytes leftover after parsing attributes in process `syz.3.903'.
[  546.841809][ T9557] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  547.095364][ T9780] ufs: You didn't specify the type of your ufs filesystem
[  547.095364][ T9780] 
[  547.095364][ T9780] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  547.095364][ T9780] 
[  547.095364][ T9780] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  547.127098][ T9780] ufs: ufstype=old is supported read-only
[  547.143409][ T9780] syz.0.901: attempt to access beyond end of device
[  547.143409][ T9780] loop1: rw=0, sector=16, nr_sectors = 2 limit=0
[  548.488299][ T9783] loop4: detected capacity change from 0 to 32768
[  549.061495][ T9783] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  549.304288][ T9783] XFS (loop4): Ending clean mount
[  549.329518][ T9783] XFS (loop4): Quotacheck needed: Please wait.
[  549.448099][ T9783] XFS (loop4): Quotacheck: Done.
[  549.835870][ T7618] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  551.801152][ T9815] netlink: 'syz.1.908': attribute type 10 has an invalid length.
[  551.808961][ T9815] netlink: 40 bytes leftover after parsing attributes in process `syz.1.908'.
[  551.856712][ T9815] team0: entered promiscuous mode
[  551.869278][ T9815] team_slave_0: entered promiscuous mode
[  551.875263][ T9815] team_slave_1: entered promiscuous mode
[  551.899469][ T9815] team0: entered allmulticast mode
[  551.909886][ T9815] team_slave_0: entered allmulticast mode
[  551.929582][ T9815] team_slave_1: entered allmulticast mode
[  551.940507][ T9815] bridge0: port 3(team0) entered blocking state
[  551.949619][ T9815] bridge0: port 3(team0) entered disabled state
[  552.121514][ T9815] bridge0: port 3(team0) entered blocking state
[  552.127887][ T9815] bridge0: port 3(team0) entered forwarding state
[  553.527620][ T9838] netlink: 3 bytes leftover after parsing attributes in process `syz.1.911'.
[  553.657367][ T9838] batadv1: entered allmulticast mode
[  555.288620][ T9849] loop4: detected capacity change from 0 to 4096
[  555.300547][ T9849] EXT4-fs: Ignoring removed mblk_io_submit option
[  555.364559][ T9849] EXT4-fs (loop4): Test dummy encryption mode enabled
[  555.717703][ T9849] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  558.183371][ T7618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  558.779696][ T9857] sctp: failed to load transform for md5: -2
[  559.457457][ T9875] netlink: 'syz.0.922': attribute type 10 has an invalid length.
[  559.487852][ T9875] netlink: 40 bytes leftover after parsing attributes in process `syz.0.922'.
[  559.509651][ T9875] team0: entered promiscuous mode
[  559.525061][ T9875] team_slave_0: entered promiscuous mode
[  559.532632][ T9875] team_slave_1: entered promiscuous mode
[  559.548627][ T9875] team0: entered allmulticast mode
[  559.571010][ T9875] team_slave_0: entered allmulticast mode
[  559.587576][ T9875] team_slave_1: entered allmulticast mode
[  559.618577][ T9875] bridge0: port 3(team0) entered blocking state
[  559.732146][ T9875] bridge0: port 3(team0) entered disabled state
[  560.404984][ T9875] bridge0: port 3(team0) entered blocking state
[  560.411449][ T9875] bridge0: port 3(team0) entered forwarding state
[  563.128157][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  563.134695][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  564.556940][ T9914] kernel read not supported for file / 
œ7³ÏüâW)ës“§Ç!Q�öì¥fsõl{T‡rÒ)r§ÖOš˜õ2:"ôÀT+ÍŸv|�Õ²DvcŽ“ØÖ Å6Òxãc: (pid: 9914 comm: syz.1.934)
[  564.608385][   T28] kauditd_printk_skb: 40 callbacks suppressed
[  564.608422][   T28] audit: type=1800 audit(1763296620.157:146): pid=9914 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.934" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=19555 res=0 errno=0
[  567.099270][ T9922] netlink: 12 bytes leftover after parsing attributes in process `syz.0.937'.
[  567.433535][ T9933] bridge0: entered allmulticast mode
[  567.914630][   T23] libceph: connect (1)[c::]:6789 error -101
[  567.929418][   T23] libceph: mon0 (1)[c::]:6789 connect error
[  568.036979][ T9944] ceph: No mds server is up or the cluster is laggy
[  574.465874][T10001] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  574.472936][T10001] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  575.393027][T10001] vhci_hcd vhci_hcd.0: Device attached
[  575.422032][T10005] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(12)
[  575.428711][T10005] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  576.344908][T10013] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  576.573457][ T9525] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[  576.610432][T10001] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(11)
[  576.617093][T10001] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  576.681595][T10005] vhci_hcd vhci_hcd.0: Device attached
[  576.681595][T10001] vhci_hcd vhci_hcd.0: Device attached
[  576.799597][T10001] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(14)
[  576.806258][T10001] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  576.849351][T10014] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(19)
[  576.856030][T10014] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  576.922650][T10005] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  576.969538][T10001] vhci_hcd vhci_hcd.0: Device attached
[  576.986351][T10014] vhci_hcd vhci_hcd.0: Device attached
[  577.024992][T10001] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  577.069720][T10013] vhci_hcd vhci_hcd.0: pdev(4) rhport(6) sockfd(22)
[  577.076383][T10013] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  577.143495][T10013] vhci_hcd vhci_hcd.0: Device attached
[  577.166357][T10001] vhci_hcd vhci_hcd.0: port 0 already used
[  577.240816][T10020] vhci_hcd: connection closed
[  577.241185][T10018] vhci_hcd: connection closed
[  577.243796][T10016] vhci_hcd: connection closed
[  577.251303][  T993] vhci_hcd: stop threads
[  577.291057][  T993] vhci_hcd: release socket
[  577.298596][T10006] vhci_hcd: connection closed
[  577.300171][T10002] vhci_hcd: connection reset by peer
[  577.313830][  T993] vhci_hcd: disconnect device
[  577.321016][T10010] vhci_hcd: connection closed
[  577.343483][  T993] vhci_hcd: stop threads
[  577.390419][  T993] vhci_hcd: release socket
[  577.399851][  T993] vhci_hcd: disconnect device
[  577.420552][  T993] vhci_hcd: stop threads
[  577.424953][  T993] vhci_hcd: release socket
[  577.459246][  T993] vhci_hcd: disconnect device
[  577.473662][  T993] vhci_hcd: stop threads
[  577.477963][  T993] vhci_hcd: release socket
[  577.499874][  T993] vhci_hcd: disconnect device
[  577.539409][  T993] vhci_hcd: stop threads
[  577.549517][  T993] vhci_hcd: release socket
[  577.559208][  T993] vhci_hcd: disconnect device
[  577.564790][  T993] vhci_hcd: stop threads
[  577.569065][  T993] vhci_hcd: release socket
[  577.593904][  T993] vhci_hcd: disconnect device
[  578.721395][T10047] bridge0: port 3(syz_tun) entered blocking state
[  581.459362][T10047] bridge0: port 3(syz_tun) entered disabled state
[  581.490593][T10047] syz_tun: entered allmulticast mode
[  581.560922][T10047] syz_tun: entered promiscuous mode
[  581.799514][ T9525] vhci_hcd: vhci_device speed not set
[  582.079945][T10067] netlink: 'syz.1.966': attribute type 7 has an invalid length.
[  582.099699][T10067] netdevsim netdevsim1 : renamed from netdevsim0 (while UP)
[  582.832611][T10048] netlink: 3 bytes leftover after parsing attributes in process `syz.4.959'.
[  583.501223][    C0] sl0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 20360 ms
[  583.509294][    C0] sl0: transmit timed out, driver error?
[  584.225314][T10048] batadv1: entered allmulticast mode
[  584.710385][   T23] usb usb42-port1: attempt power cycle
[  584.955717][ T3439] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1
[  585.177137][T10077] tipc: Started in network mode
[  585.189447][T10077] tipc: Node identity 4, cluster identity 4711
[  585.209981][T10077] tipc: Node number set to 4
[  585.400405][   T23] usb usb42-port1: unable to enumerate USB device
[  590.491102][   T28] audit: type=1326 audit(1763296646.077:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10111 comm="syz.4.980" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faabb98f6c9 code=0x0
[  592.126526][T10129] loop4: detected capacity change from 0 to 512
[  592.184038][T10129] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  592.388798][T10129] EXT4-fs error (device loop4): __ext4_fill_super:5497: inode #2: comm syz.4.985: inode has both inline data and extents flags
[  592.631204][T10129] EXT4-fs (loop4): Remounting filesystem read-only
[  592.849663][T10129] EXT4-fs (loop4): get root inode failed
[  592.855664][T10129] EXT4-fs (loop4): mount failed
[  596.566626][T10175] netlink: 8 bytes leftover after parsing attributes in process `syz.3.994'.
[  597.559642][T10175] wireguard0: entered promiscuous mode
[  597.565165][T10175] wireguard0: entered allmulticast mode
[  599.134461][T10179] loop4: detected capacity change from 0 to 40427
[  599.235523][T10179] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  599.243614][T10179] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  599.276980][T10179] F2FS-fs (loop4): invalid crc value
[  599.337055][T10179] F2FS-fs (loop4): Found nat_bits in checkpoint
[  599.788835][T10190] netlink: 12 bytes leftover after parsing attributes in process `syz.3.999'.
[  601.929517][T10205] sctp: [Deprecated]: syz.1.1001 (pid 10205) Use of struct sctp_assoc_value in delayed_ack socket option.
[  601.929517][T10205] Use struct sctp_sack_info instead
[  607.039803][T10225] MTD: Couldn't look up './file0': -15
[  609.484798][T10252] tmpfs: Bad value for 'mpol'
[  610.146638][T10255] loop4: detected capacity change from 0 to 512
[  611.487778][T10255] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  611.561773][T10255] block device autoloading is deprecated and will be removed.
[  611.569681][T10255] EXT4-fs (loop4): external journal has bad superblock
[  623.127448][ T5789] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  623.136794][ T5789] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  623.144633][ T5789] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  623.152505][ T5789] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  623.163678][ T5789] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  623.171546][ T5789] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  623.449964][T10316] loop4: detected capacity change from 0 to 1024
[  623.489391][T10316] EXT4-fs: Ignoring removed oldalloc option
[  623.495626][T10316] EXT4-fs: Ignoring removed orlov option
[  623.594563][T10316] EXT4-fs: Ignoring removed orlov option
[  623.614263][T10316] EXT4-fs (loop4): stripe (4098) is not aligned with cluster size (16), stripe is disabled
[  623.710872][T10316] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  623.905180][ T7618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  624.238226][T10309] chnl_net:caif_netlink_parms(): no params data found
[  624.721580][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  624.733235][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  625.249462][ T5789] Bluetooth: hci2: command tx timeout
[  625.898022][T10309] bridge0: port 1(bridge_slave_0) entered blocking state
[  625.979518][T10309] bridge0: port 1(bridge_slave_0) entered disabled state
[  625.987464][T10309] bridge_slave_0: entered allmulticast mode
[  626.098326][T10340] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1034'.
[  626.598779][T10309] bridge_slave_0: entered promiscuous mode
[  626.608173][T10309] bridge0: port 2(bridge_slave_1) entered blocking state
[  626.623135][T10309] bridge0: port 2(bridge_slave_1) entered disabled state
[  626.642766][T10309] bridge_slave_1: entered allmulticast mode
[  626.675518][T10309] bridge_slave_1: entered promiscuous mode
[  626.898672][   T28] audit: type=1326 audit(1763296682.477:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10348 comm="syz.0.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ed338f6c9 code=0x7ffc0000
[  627.345536][ T5789] Bluetooth: hci2: command tx timeout
[  627.557737][T10346] loop4: detected capacity change from 0 to 164
[  627.574343][   T28] audit: type=1326 audit(1763296682.477:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10348 comm="syz.0.1037" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ed338f6c9 code=0x7ffc0000
[  627.730368][T10283] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  627.923709][T10309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  628.117008][T10309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  630.190735][ T5789] Bluetooth: hci2: command tx timeout
[  631.802461][ T5797] infiniband syz2: set down
[  631.973895][   T27] infiniband syz2: ib_query_port failed (-19)
[  632.064313][ T3532] smc: removing ib device syz2
[  633.602117][ T5789] Bluetooth: hci2: command tx timeout
[  634.186654][T10309] team0: Port device team_slave_0 added
[  634.419533][ T5860] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  635.046594][    C0] raw-gadget.0 gadget.4: ignoring, device is not running
[  635.072744][T10309] team0: Port device team_slave_1 added
[  635.083017][T10384] netlink: 'syz.3.1044': attribute type 3 has an invalid length.
[  635.091287][T10384] netlink: 'syz.3.1044': attribute type 3 has an invalid length.
[  635.229598][ T5860] usb 5-1: device descriptor read/64, error -32
[  636.397647][ T5860] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  637.429664][T10403] bridge0: port 4(team0) entered blocking state
[  637.436139][T10403] bridge0: port 4(team0) entered disabled state
[  637.442600][T10403] team0: entered allmulticast mode
[  637.447733][T10403] team_slave_0: entered allmulticast mode
[  637.453717][T10403] team_slave_1: entered allmulticast mode
[  637.461195][T10403] team0: entered promiscuous mode
[  637.466252][T10403] team_slave_0: entered promiscuous mode
[  637.472069][T10403] team_slave_1: entered promiscuous mode
[  637.601683][T10309] batman_adv: batadv0: Adding interface: batadv_slave_0
[  637.608756][T10309] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  637.829592][T10309] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  637.908722][T10309] batman_adv: batadv0: Adding interface: batadv_slave_1
[  637.980308][T10309] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  638.149553][T10309] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  639.713412][T10309] hsr_slave_0: entered promiscuous mode
[  640.258502][  T968] IPVS: starting estimator thread 0...
[  640.330989][T10309] hsr_slave_1: entered promiscuous mode
[  640.389585][T10422] IPVS: using max 29 ests per chain, 69600 per kthread
[  640.639513][T10309] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  640.659867][T10309] Cannot create hsr debugfs directory
[  641.822548][T10429] netlink: 'syz.0.1052': attribute type 21 has an invalid length.
[  641.833159][T10429] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1052'.
[  641.853931][T10429] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1052'.
[  642.694886][T10448] loop4: detected capacity change from 0 to 2048
[  644.626290][T10448] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  645.118392][ T7618] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  645.144038][ T6519] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  645.190932][ T6519] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  645.359863][ T6519] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  645.376342][ T6519] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  645.493723][ T6519] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  645.508767][ T6519] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  645.570668][    C0] sl0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 20830 ms
[  645.578734][    C0] sl0: transmit timed out, driver error?
[  647.543739][ T6519] netdevsim netdevsim1  (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  647.576115][ T6519] netdevsim netdevsim1  (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  647.788253][T10309] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  647.817056][T10309] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  647.895049][T10309] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  648.396072][T10486] overlayfs: failed to clone upperpath
[  649.952739][T10309] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  651.743962][T10505] x_tables: ip_tables: icmp match: only valid for protocol 1
[  652.125644][ T6519] tipc: Left network mode
[  652.153930][T10309] 8021q: adding VLAN 0 to HW filter on device bond0
[  652.315932][T10309] 8021q: adding VLAN 0 to HW filter on device team0
[  652.364586][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[  652.371932][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[  652.492375][T10515] overlayfs: failed to clone upperpath
[  652.740432][ T6519] bond1: (slave ip6gretap1): Releasing backup interface
[  653.011206][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  653.018404][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  660.532500][ T6519] bond2: (slave gretap1): Releasing active interface
[  661.435247][T10309] 8021q: adding VLAN 0 to HW filter on device batadv0
[  664.905083][ T6519] hsr_slave_0: left promiscuous mode
[  664.949814][ T6519] hsr_slave_1: left promiscuous mode
[  665.013592][ T6519] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  665.039651][ T6519] batman_adv: batadv0: Removing interface: batadv_slave_0
[  666.641506][ T6519] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  666.648980][ T6519] batman_adv: batadv0: Removing interface: batadv_slave_1
[  666.681373][ T6519] batman_adv: batadv0: Removing interface: virt_wifi0
[  666.706344][ T6519] bridge0: port 3(team0) entered disabled state
[  666.744400][ T6519] bridge_slave_1: left allmulticast mode
[  666.756173][ T6519] bridge_slave_1: left promiscuous mode
[  666.762334][ T6519] bridge0: port 2(bridge_slave_1) entered disabled state
[  666.777985][ T6519] bridge_slave_0: left allmulticast mode
[  666.785154][ T6519] bridge_slave_0: left promiscuous mode
[  666.802035][ T6519] bridge0: port 1(bridge_slave_0) entered disabled state
[  666.983937][ T6519] bond_slave_0: left promiscuous mode
[  666.989746][ T6519] bond_slave_1: left promiscuous mode
[  666.996414][ T6519] veth1_vlan: left promiscuous mode
[  667.003201][ T6519] veth0_vlan: left promiscuous mode
[  667.767070][ T6519] bond2 (unregistering): (slave bridge1): Releasing active interface
[  667.805472][ T6519] bond2 (unregistering): Released all slaves
[  667.840428][ T6519] bond1 (unregistering): (slave macvlan2): Removing an active aggregator
[  667.853625][ T6519] bond1 (unregistering): (slave macvlan2): Releasing backup interface
[  668.085384][ T6519] bond1 (unregistering): Released all slaves
[  669.094397][ T6519] team_slave_1 (unregistering): left promiscuous mode
[  669.101931][ T6519] team_slave_1 (unregistering): left allmulticast mode
[  669.115929][ T6519] team0 (unregistering): Port device team_slave_1 removed
[  669.163058][ T6519] team_slave_0 (unregistering): left promiscuous mode
[  669.170053][ T6519] team_slave_0 (unregistering): left allmulticast mode
[  669.181486][ T6519] team0 (unregistering): Port device team_slave_0 removed
[  669.228825][ T6519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  669.282646][ T6519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  669.886688][ T6519] bond0 (unregistering): Released all slaves
[  669.960948][ T6519] bridge0 (unregistering): left allmulticast mode
[  670.661489][T10645] netlink: 'syz.3.1093': attribute type 33 has an invalid length.
[  670.669586][T10645] netlink: 51 bytes leftover after parsing attributes in process `syz.3.1093'.
[  672.099707][T10309] veth0_vlan: entered promiscuous mode
[  672.168437][T10309] veth1_vlan: entered promiscuous mode
[  672.945509][T10309] veth0_macvtap: entered promiscuous mode
[  673.069070][T10309] veth1_macvtap: entered promiscuous mode
[  673.212931][T10309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  673.275396][T10309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.286096][T10309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  673.298438][T10309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.308729][T10309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  673.324687][T10309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  673.346886][T10309] batman_adv: batadv0: Interface activated: batadv_slave_0
[  673.430177][T10309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  674.221335][T10689] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1102'.
[  674.230410][T10309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.240334][T10309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  674.250811][T10309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.260703][T10309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  674.275990][T10309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  674.296535][T10309] batman_adv: batadv0: Interface activated: batadv_slave_1
[  674.322960][T10309] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  674.332862][T10309] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  674.554717][T10309] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  676.959556][T10309] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  678.335623][ T6519] IPVS: stop unused estimator thread 0...
[  681.726253][ T5795] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  681.738317][ T5795] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  681.749367][ T5795] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  681.758587][ T5795] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  681.775075][ T5795] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  681.782659][ T5795] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  684.203387][ T5789] Bluetooth: hci3: command tx timeout
[  684.280005][T10776] veth0_to_team: entered promiscuous mode
[  684.285778][T10776] veth0_to_team: entered allmulticast mode
[  685.758780][T10753] chnl_net:caif_netlink_parms(): no params data found
[  685.896744][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  685.903193][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  687.286421][T10802] ceph: No mds server is up or the cluster is laggy
[  687.295153][ T5789] Bluetooth: hci3: command tx timeout
[  687.478634][  T968] libceph: connect (1)[c::]:6789 error -101
[  687.484877][  T968] libceph: mon0 (1)[c::]:6789 connect error
[  687.781536][T10808] x_tables: ip6_tables: rpfilter match: used from hooks INPUT, but only valid from PREROUTING
[  687.871865][T10810] usb usb9: usbfs: process 10810 (syz.4.1122) did not claim interface 0 before use
[  688.484734][ T6519] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  691.277687][ T5789] Bluetooth: hci3: command tx timeout
[  691.475611][ T6519] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.861054][ T6519] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  693.389789][ T5789] Bluetooth: hci3: command tx timeout
[  694.120191][ T6519] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.209841][T10753] bridge0: port 1(bridge_slave_0) entered blocking state
[  694.238083][T10753] bridge0: port 1(bridge_slave_0) entered disabled state
[  694.295944][T10753] bridge_slave_0: entered allmulticast mode
[  694.336355][T10753] bridge_slave_0: entered promiscuous mode
[  694.370228][T10753] bridge0: port 2(bridge_slave_1) entered blocking state
[  694.418143][T10753] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.452452][T10753] bridge_slave_1: entered allmulticast mode
[  694.493914][T10753] bridge_slave_1: entered promiscuous mode
[  695.092070][T10753] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  695.124639][T10753] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  696.038595][T10753] team0: Port device team_slave_0 added
[  696.093547][T10753] team0: Port device team_slave_1 added
[  697.794400][T10753] batman_adv: batadv0: Adding interface: batadv_slave_0
[  697.813875][T10753] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  697.855756][T10753] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  697.921973][T10875] overlayfs: overlapping lowerdir path
[  697.925042][T10753] batman_adv: batadv0: Adding interface: batadv_slave_1
[  697.947302][T10753] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  698.021810][T10753] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  698.145878][T10881] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  698.165267][T10881] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  700.721122][T10753] hsr_slave_0: entered promiscuous mode
[  700.862713][T10753] hsr_slave_1: entered promiscuous mode
[  700.931330][T10883] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1135'.
[  701.035647][T10883] bridge0: port 2(bridge_slave_1) entered disabled state
[  701.043068][T10883] bridge0: port 1(bridge_slave_0) entered disabled state
[  705.282750][T10937] overlayfs: failed to clone upperpath
[  705.508348][T10933] syz_tun: entered allmulticast mode
[  706.379306][    C0] sl0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 20470 ms
[  706.387415][    C0] sl0: transmit timed out, driver error?
[  712.090627][ T6519] hsr_slave_0: left promiscuous mode
[  712.097927][   T28] audit: type=1326 audit(1763296767.677:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10986 comm="syz.4.1155" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7faabb98f6c9 code=0x0
[  712.144249][ T6519] hsr_slave_1: left promiscuous mode
[  712.160848][ T6519] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  712.195063][ T6519] batman_adv: batadv0: Removing interface: batadv_slave_0
[  712.266666][T10998] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  712.273252][T10998] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  712.465419][T10998] vhci_hcd vhci_hcd.0: Device attached
[  713.144771][ T6519] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  713.243835][ T6519] batman_adv: batadv0: Removing interface: batadv_slave_1
[  714.177598][   T23] usb 41-1: new high-speed USB device number 3 using vhci_hcd
[  714.192447][ T6519] bridge_slave_1: left allmulticast mode
[  714.235924][ T6519] bridge_slave_1: left promiscuous mode
[  714.248566][ T6519] bridge0: port 2(bridge_slave_1) entered disabled state
[  715.476409][T10999] vhci_hcd: connection reset by peer
[  715.498968][   T12] vhci_hcd: stop threads
[  715.508427][   T12] vhci_hcd: release socket
[  715.518523][ T6519] bridge_slave_0: left allmulticast mode
[  715.539336][   T12] vhci_hcd: disconnect device
[  715.554243][ T6519] bridge_slave_0: left promiscuous mode
[  715.705091][ T6519] bridge0: port 1(bridge_slave_0) entered disabled state
[  715.754807][ T6519] veth1_macvtap: left promiscuous mode
[  715.761519][ T6519] veth0_macvtap: left promiscuous mode
[  715.768577][ T6519] veth1_vlan: left promiscuous mode
[  715.775055][ T6519] veth0_vlan: left promiscuous mode
[  719.447696][   T23] vhci_hcd: vhci_device speed not set
[  720.233333][T11047] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  721.618586][ T6519] team0 (unregistering): Port device team_slave_1 removed
[  721.706675][ T6519] team0 (unregistering): Port device team_slave_0 removed
[  721.807084][ T6519] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  721.984224][ T6519] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  722.621444][ T6519] bond0 (unregistering): Released all slaves
[  722.758130][T11052] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1166'.
[  722.807071][T11052] syz_tun (unregistering): left allmulticast mode
[  722.813716][T11052] syz_tun (unregistering): left promiscuous mode
[  722.821435][T11052] bridge0: port 3(syz_tun) entered disabled state
[  722.907467][T10753] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  722.971176][T10753] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  723.024625][T10753] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  723.229026][T10753] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  724.443057][T11086] 9pnet_fd: Insufficient options for proto=fd
[  724.532297][T10753] 8021q: adding VLAN 0 to HW filter on device bond0
[  724.577937][T11092] syz.4.1171 (11092): attempted to duplicate a private mapping with mremap.  This is not supported.
[  724.594108][T10753] 8021q: adding VLAN 0 to HW filter on device team0
[  724.666141][T10753] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  724.676756][T10753] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  724.723889][T10180] bridge0: port 1(bridge_slave_0) entered blocking state
[  724.731143][T10180] bridge0: port 1(bridge_slave_0) entered forwarding state
[  724.774849][T10180] bridge0: port 2(bridge_slave_1) entered blocking state
[  724.782101][T10180] bridge0: port 2(bridge_slave_1) entered forwarding state
[  726.257767][T10753] 8021q: adding VLAN 0 to HW filter on device batadv0
[  726.986656][T11130] netlink: 'syz.0.1178': attribute type 10 has an invalid length.
[  726.994857][T11130] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1178'.
[  727.024958][T11130] batman_adv: batadv0: Adding interface: virt_wifi0
[  727.031751][T11130] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  727.067882][T11130] batman_adv: batadv0: Interface activated: virt_wifi0
[  727.791542][T11134] loop5: detected capacity change from 0 to 7
[  727.989340][T11134] Dev loop5: unable to read RDB block 7
[  728.000051][T11134]  loop5: unable to read partition table
[  728.009029][T11134] loop5: partition table beyond EOD, truncated
[  728.019727][T11134] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5)
[  728.940533][T11148] netlink: 'syz.3.1183': attribute type 10 has an invalid length.
[  729.013165][T11148] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  729.059397][T11150] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  729.066088][T11150] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  729.130704][ T6519] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  729.138585][ T6519] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  729.157947][T11150] vhci_hcd vhci_hcd.0: Device attached
[  729.169349][T11150] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  729.195238][T11150] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(14)
[  729.201909][T11150] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  729.219489][T11150] vhci_hcd vhci_hcd.0: Device attached
[  729.317662][T10753] veth0_vlan: entered promiscuous mode
[  729.377883][T10753] veth1_vlan: entered promiscuous mode
[  729.399691][T11159] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(16)
[  729.406437][T11159] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  729.444295][T10753] veth0_macvtap: entered promiscuous mode
[  729.454434][T10753] veth1_macvtap: entered promiscuous mode
[  729.496550][T11159] vhci_hcd vhci_hcd.0: Device attached
[  729.506240][T10753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  730.023338][T11159] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  730.196669][T11169] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  730.210993][T10753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  730.215390][T11150] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(18)
[  730.227448][T11150] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  730.230609][T10753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  730.248457][T10753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  730.260165][T11159] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  730.268850][T10753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  730.283862][ T5860] usb 41-1: new low-speed USB device number 4 using vhci_hcd
[  730.292189][T11150] vhci_hcd vhci_hcd.0: Device attached
[  730.309333][T10753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  730.455393][T10753] batman_adv: batadv0: Interface activated: batadv_slave_0
[  730.478705][T10753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  730.497734][T10753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  730.508066][T10753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  730.531988][T10753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  730.539260][T11159] vhci_hcd vhci_hcd.0: pdev(4) rhport(7) sockfd(27)
[  730.544264][T10753] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  730.548448][T11159] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  730.581551][T11159] vhci_hcd vhci_hcd.0: Device attached
[  730.774265][T10753] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  731.188615][T10753] batman_adv: batadv0: Interface activated: batadv_slave_1
[  731.362926][T11166] vhci_hcd: connection closed
[  731.363403][  T993] vhci_hcd: stop threads
[  731.372598][T11172] vhci_hcd: connection closed
[  731.376129][T11151] vhci_hcd: connection reset by peer
[  731.386484][T11154] vhci_hcd: connection closed
[  731.386675][T11160] vhci_hcd: connection closed
[  731.396416][T10753] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  731.420111][  T993] vhci_hcd: release socket
[  731.431640][T10753] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  731.440482][T10753] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  731.449268][T10753] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  731.472379][  T993] vhci_hcd: disconnect device
[  731.485702][  T993] vhci_hcd: stop threads
[  731.490617][  T993] vhci_hcd: release socket
[  731.496310][  T993] vhci_hcd: disconnect device
[  731.505237][  T993] vhci_hcd: stop threads
[  731.517112][  T993] vhci_hcd: release socket
[  731.539823][  T993] vhci_hcd: disconnect device
[  731.850579][  T993] vhci_hcd: stop threads
[  732.009649][  T993] vhci_hcd: release socket
[  732.097875][  T993] vhci_hcd: disconnect device
[  732.112961][  T993] vhci_hcd: stop threads
[  732.117271][  T993] vhci_hcd: release socket
[  732.137387][  T993] vhci_hcd: disconnect device
[  732.170805][ T2946] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  732.178713][ T2946] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  732.213394][ T2946] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  732.222271][ T2946] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  734.618633][T11195] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  734.629421][T11195] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  734.640202][T11195] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  734.650902][T11195] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  734.662643][T11195] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  734.673369][T11195] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  734.683990][T11195] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  734.694775][T11195] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  734.705378][T11195] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  734.715932][T11195] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512
[  734.809281][   T28] audit: type=1326 audit(1763296790.387:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11214 comm="syz.5.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1387f8f6c9 code=0x7ffc0000
[  735.109702][   T28] audit: type=1326 audit(1763296790.387:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11214 comm="syz.5.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1387f8f6c9 code=0x7ffc0000
[  840.129086][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  840.136171][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P11194/1:b..l
[  840.144832][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=38209, q=341 ncpus=2)
[  840.152584][    C1] task:syz.0.1196      state:R  running task     stack:26024 pid:11194 ppid:5787   flags:0x00004002
[  840.164697][    C1] Call Trace:
[  840.168010][    C1]  <TASK>
[  840.170981][    C1]  __schedule+0x14d2/0x44d0
[  840.175557][    C1]  ? asan.module_dtor+0x20/0x20
[  840.180434][    C1]  ? mark_lock+0x94/0x320
[  840.184819][    C1]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  840.190839][    C1]  ? preempt_schedule_irq+0xaa/0x140
[  840.196163][    C1]  preempt_schedule_irq+0xb5/0x140
[  840.201298][    C1]  ? preempt_schedule_notrace+0x110/0x110
[  840.207050][    C1]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  840.212888][    C1]  irqentry_exit+0x67/0x70
[  840.217326][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  840.223327][    C1] RIP: 0010:queue_work_on+0x187/0x1e0
[  840.228734][    C1] Code: 4d 85 e4 75 16 e8 39 2c 2f 00 eb 15 e8 32 2c 2f 00 e8 4d 6a 18 09 4d 85 e4 74 ea e8 23 2c 2f 00 fb 48 c7 44 24 20 0e 36 e0 45 <48> b8 00 00 00 00 00 fc ff df 49 c7 44 05 00 00 00 00 00 66 41 c7
[  840.248360][    C1] RSP: 0018:ffffc900049ef4c0 EFLAGS: 00000293
[  840.254450][    C1] RAX: ffffffff8156636d RBX: 0000000000000000 RCX: ffff88807ac2da00
[  840.262445][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  840.270443][    C1] RBP: ffffc900049ef590 R08: ffffffff90da861f R09: 1ffffffff21b50c3
[  840.278440][    C1] R10: dffffc0000000000 R11: fffffbfff21b50c4 R12: 0000000000000200
[  840.286428][    C1] R13: 1ffff9200093de9c R14: 0000000000000000 R15: dffffc0000000001
[  840.294442][    C1]  ? queue_work_on+0x17d/0x1e0
[  840.299240][    C1]  ? wq_worker_last_func+0x40/0x40
[  840.304369][    C1]  ? lock_chain_count+0x20/0x20
[  840.309241][    C1]  ? sctp_unhash_transport+0xe66/0x11c0
[  840.314817][    C1]  sctp_unhash_transport+0x110c/0x11c0
[  840.320305][    C1]  ? sctp_unhash_transport+0xd2/0x11c0
[  840.325787][    C1]  ? rhltable_lookup+0x760/0x760
[  840.330765][    C1]  ? sctp_association_put+0x10e/0x2d0
[  840.336173][    C1]  sctp_association_free+0x699/0x7f0
[  840.341489][    C1]  sctp_do_sm+0x3e64/0x59a0
[  840.346043][    C1]  ? sctp_generate_t3_rtx_event+0x340/0x340
[  840.352008][    C1]  ? read_tsc+0x9/0x20
[  840.356100][    C1]  sctp_assoc_bh_rcv+0x3f2/0x630
[  840.361088][    C1]  sctp_backlog_rcv+0x163/0x3e0
[  840.365983][    C1]  ? do_raw_spin_unlock+0x121/0x230
[  840.371232][    C1]  __release_sock+0x1bd/0x430
[  840.375957][    C1]  release_sock+0x5f/0x1c0
[  840.380397][    C1]  sctp_close+0x6fb/0x900
[  840.384776][    C1]  ? __sctp_write_space+0x530/0x530
[  840.390010][    C1]  ? down_write+0x162/0x1f0
[  840.394541][    C1]  ? ip_mc_drop_socket+0x25a/0x270
[  840.399679][    C1]  inet_release+0x13d/0x180
[  840.404213][    C1]  sock_close+0xbd/0x230
[  840.408494][    C1]  ? sock_mmap+0xa0/0xa0
[  840.412796][    C1]  __fput+0x234/0x970
[  840.416841][    C1]  task_work_run+0x1ce/0x250
[  840.421467][    C1]  ? task_work_cancel+0x240/0x240
[  840.426527][    C1]  ? exit_to_user_mode_loop+0x3b/0x110
[  840.432033][    C1]  exit_to_user_mode_loop+0xe6/0x110
[  840.437356][    C1]  exit_to_user_mode_prepare+0xf6/0x180
[  840.442941][    C1]  syscall_exit_to_user_mode+0x1a/0x50
[  840.448426][    C1]  do_syscall_64+0x61/0xb0
[  840.452876][    C1]  ? clear_bhb_loop+0x40/0x90
[  840.457581][    C1]  ? clear_bhb_loop+0x40/0x90
[  840.462292][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  840.468214][    C1] RIP: 0033:0x7f9ed338f6c9
[  840.472665][    C1] RSP: 002b:00007ffcc0b83088 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  840.481104][    C1] RAX: 0000000000000000 RBX: 00007f9ed35e7da0 RCX: 00007f9ed338f6c9
[  840.489091][    C1] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  840.497075][    C1] RBP: 00007f9ed35e7da0 R08: 00000000000253f4 R09: 00000019c0b8337f
[  840.505058][    C1] R10: 00000000005d740c R11: 0000000000000246 R12: 00000000000b3609
[  840.513045][    C1] R13: 00007ffcc0b83180 R14: ffffffffffffffff R15: 00007ffcc0b831a0
[  840.521057][    C1]  </TASK>
[  840.524102][    C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g38209 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  840.535310][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  840.545287][    C1] rcu: RCU grace-period kthread stack dump:
[  840.551180][    C1] task:rcu_preempt     state:R  running task     stack:27496 pid:17    ppid:2      flags:0x00004000
[  840.561993][    C1] Call Trace:
[  840.565287][    C1]  <TASK>
[  840.568233][    C1]  __schedule+0x14d2/0x44d0
[  840.572797][    C1]  ? _raw_spin_unlock+0x11/0x40
[  840.577672][    C1]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  840.583580][    C1]  ? asan.module_dtor+0x20/0x20
[  840.588467][    C1]  ? enqueue_timer+0x225/0x530
[  840.593259][    C1]  ? __mod_timer+0x984/0xdb0
[  840.597886][    C1]  schedule+0xbd/0x170
[  840.601980][    C1]  schedule_timeout+0x160/0x280
[  840.606854][    C1]  ? console_conditional_schedule+0x40/0x40
[  840.612769][    C1]  ? update_process_times+0x1b0/0x1b0
[  840.618181][    C1]  ? prepare_to_swait_event+0x339/0x360
[  840.623751][    C1]  rcu_gp_fqs_loop+0x302/0x1560
[  840.628635][    C1]  ? rcu_gp_init+0x110e/0x1510
[  840.633461][    C1]  ? rcu_gp_kthread+0x380/0x380
[  840.638349][    C1]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  840.644351][    C1]  ? rcu_gp_init+0x1510/0x1510
[  840.649140][    C1]  ? rcu_gp_cleanup+0xb4c/0xca0
[  840.654026][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  840.659258][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  840.664489][    C1]  rcu_gp_kthread+0x99/0x380
[  840.669122][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  840.674283][    C1]  ? __kthread_parkme+0x7a/0x1c0
[  840.679262][    C1]  ? __kthread_parkme+0x162/0x1c0
[  840.684324][    C1]  kthread+0x2fa/0x390
[  840.688417][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  840.693566][    C1]  ? kthread_blkcg+0xd0/0xd0
[  840.698177][    C1]  ret_from_fork+0x48/0x80
[  840.702633][    C1]  ? kthread_blkcg+0xd0/0xd0
[  840.707244][    C1]  ret_from_fork_asm+0x11/0x20
[  840.712045][    C1]  </TASK>
[  840.715089][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  840.721445][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted syzkaller #0
[  840.728478][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  840.738544][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  840.744295][    C1] Code: cc cc cc cc cc cc cc f3 0f 1e fa 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 66 90 0f 00 2d c3 64 39 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 66 0f 1f 00 55 41 57 41 56
[  840.764000][    C1] RSP: 0018:ffffc90000187de0 EFLAGS: 000002c2
[  840.770086][    C1] RAX: 56cc565b55fe4f00 RBX: ffffffff816187ab RCX: 56cc565b55fe4f00
[  840.778077][    C1] RDX: 0000000000000001 RSI: ffffffff8aaabce0 RDI: ffffffff8afc6b00
[  840.786072][    C1] RBP: ffffc90000187f20 R08: ffff8880b8f36b2b R09: 1ffff110171e6d65
[  840.794069][    C1] R10: dffffc0000000000 R11: ffffed10171e6d66 R12: ffffffff8e4a8d68
[  840.802063][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff1100364e780
[  840.810052][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  840.818994][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  840.825592][    C1] CR2: 000000110c388196 CR3: 0000000064b10000 CR4: 00000000003506e0
[  840.833588][    C1] Call Trace:
[  840.836886][    C1]  <TASK>
[  840.839831][    C1]  default_idle+0x13/0x20
[  840.844180][    C1]  default_idle_call+0x6c/0xa0
[  840.848963][    C1]  do_idle+0x1eb/0x510
[  840.853062][    C1]  ? idle_inject_timer_fn+0x60/0x60
[  840.858384][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  840.864642][    C1]  cpu_startup_entry+0x43/0x60
[  840.869436][    C1]  start_secondary+0xee/0xf0
[  840.874048][    C1]  secondary_startup_64_no_verify+0x179/0x17b
[  840.880153][    C1]  </TASK>