last executing test programs:

13m59.478438473s ago: executing program 32 (id=54):
ioprio_set$uid(0x3, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = open(&(0x7f0000000580)='./bus\x00', 0x84242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r0, &(0x7f0000000180)={0xa0, 0x0, 0x0, {{0x4, 0xfffffffffffffffe, 0x5, 0x7, 0x3, 0x1, {0x2000400000080001, 0xfd, 0x20ff, 0xdd6, 0xe, 0xd615, 0x9, 0xffff, 0xfffffffc, 0x8000, 0x0, 0x0, 0x0, 0x5, 0x6}}, {0x0, 0x13}}}, 0xa0)
sendfile(r0, r0, &(0x7f0000000080)=0x9, 0x7f01)

13m59.391075814s ago: executing program 33 (id=55):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000440)=""/173)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600707, 0x8)

12m44.293568648s ago: executing program 34 (id=218):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="791298000000000061138c0000000000bf2000000000000015000000080063033d030100000000009500003a000000006916000000000000bf6700000000000066060500fcff03006706000002000000760300000ee60060bf050000000000003c650000000000006507f9ff01000000070700004cdfffff1e75040000000000bf54000000000000070400000400f9ffad43010000000000d5000000000000000500000000000000950000000000000032410000000000000054bb12dc8c27df8ecfc7bdd2d17f2f1754558f22dd399703d6c4f6f3be0b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fe9de56c9d8a814261bdb94a05000000c6c60bf7a13ba1fcf1111ce4fc0d742a81762bab8395fa64810b5b40d893ea8fe0ffffff7f1b546cad3f1d5af65706fd4f68795cce6cf16ab689b555202da2e0ec2871a51445dc8da39e5b0ab71ca9b901627b562ed84b026002d4519af619e3cca4d69e0dee080006774a8f3e691700ec88158f02001b0000c81c8b297dff0445a13d0045fb3cda32a673a6bb55d8c80800dce431e56723888fb126a1403d2b63f16fb2ad9bc117aba7cbebe174aba210d739a018f9bbec63222d20cedbc4d03723f1c932b3a6aa57f1ad2e99e0e67a993716d20000009f0f53acbb40b401e3738270b3156268784f2af9e4bcf8b07a10d6735154be1602f9dd1d7d4301e00000000000460bcc5989ec85e3cbcb6bcfaf0000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d0861cd64722cf74686ebfbe2562671cd47840f81d2a8f8f9be3bcd19dc6840aa7afaab43176e65ec1118d50d1e80100008000000000887a5ad103649afa17690884f800031e03a6d1bb96589a7eab049b1bd47287cd31cc43ea0ffb567b40407d000000000000000000000000005f37d83f84e98a523d80bd0d0d703f37ca363f601ae899a56715a0a62a26a0f6a5480a55c22fe394ae0000000000000000000000000000437d57defb79ea000500000000000000000000f014a4a318ba48d35ae9f438000000000000db894b62a614cb1fdd46619c5d2200000000000700000000000000000000006dcd2f421400f69947e4f26e099c9e8369080663c909b7e7c87e3b5e8e5a6df77c8f7338cd5a85f211a41b5d529d4243e47d7ab0d5991756b59d363ba30b18fc2ff189a4e8db38ab97c6a125e2785619e84c6a2b50f0e3ff83ef5149aff43dc899fdebdc2c496e6bdd4dd4d21f06fe133f4444272c5f0839ad663100452a6c6b6421f7e89a33b339401eee2cd466ab2a93a1ee7fb8a9e455ba1c6e17b02a1cd7bf35d36cf5b2a0f063469ae0d0b9fc042b48e98626eb0f9754d8cbbefa3079fe63063047baff09e9aaf7600000fba9a88db9ebef86f7cb522a784bb6d37e5f802757a15c6735138b493db9df53440a63fc565a0b190a710ae1e6807cbeb415ac841e94b706974160a60a14e571274f333d23186143b95514c79b50994cb39cda343bda8f01cf8ec7cdfdace0289e83ce50a57d69bfecfaf69fe7ff5b0375a47d3eb57b41d8a0589b82a1cf1149ba3f21ea2b65433321eb1a6f04ecc713c2b26d27baa49e54c2babec86335b9f418b5a5eb997bc9dd65197124b9aa80fc4aa8defb986bf05c41b919886bb81ecd3d24cf9ecc7004000000000000002c70d32f5d55ef2a2cf7560cb2884f46a92b3c25550f73e407fc5d514b2b7a6b690e290e676266addb7d96e723dec9c418eec8c48dffb6f432b4d5fef16e4f0051ba7efc690022c3f62b37cb5682d8bfdfc637ad3bf089ef0117bcd395322fcfb8e8e0a6e2babceb5f289b1d991770681192bcd0b584c3497e455f30ab918a690514a87a7d8e1d5f169a4e680e9c390071d26f2e0e26fc062f2785f14c0404fe01fb4000000000000000577dcb1698a9021a36d73ed03651c1937b2c84046023a1a0a87b208e33ad2d7c2892b176877264e1d699b7401eb917b289f6f67060fda0fa44b54bd87517a2bf09dba7209e41db4288b61bda5960952c45e5c55f2cd68bf9c6ff33e46109584bf42e8696ef1876564fef6f24cbbed0db8ab7fda1ffcc8c9fd4ab2cbe8f8df8e5535b12a942a948eacdaf308d48932064cfc3329da74f6f3e4409d6764a29680e312bf1a0143180e6493c9201ea916e6c9b2566c558ad88d9f7c0aebf82f5807eecefa97ada9bbd9e478e5d7748ee188bc719ca7a73dce5b6758a767c4c6b7572ab25eb2d73986379d5685cb438fe7091d097cc8f33fc0f83dee76603d6580f1c8fc4c37efd305ccc5a25678180425718bb9344e60dda8dae2677bb602d29aa0810616a2fdbca7020d72291b592b84223e2522ee01f5bdaa0fc4eb8d71d948a2baccf3ea2aa79d4d9069d8c0000000000000000000000321cd67859b4567badee56f158406f08683bdc5ffe2dedc916000c71f922fa2dfead7535999436a4aeb908781893479319b8b55e00d90ae6f09f06be2a0fc0bc17bef53331208112a0132350c0c5dd4607547079acc9471300dea6ae01742dccdae69f932cef80bca1bfcb57b9c852cf8358a580044772a80f20de36f707385380155be8907029d039a1d1447fc06b7020221e0d439f3f47edcf12f913dc8b6389a540340ae37804728ea65352e630c2e90424d58d72fdc1b28403e1dc7aad238b81df3b2d4166d656c6a9c73554bdf4f7312a4c0271e0eb45b4a596b7fa928ac3683f09fdaca46226c1df2c6c866cb4412d17d3d52c38cf0f7bd3b0eea2d4e06d061bb1b7c8c52f37f4036932d00028abd4527f5649bd60df638596fd639d7b16860033754ab13419429e5e39f290751ab6bd9392aef5519cd8c16e1f1cb1f225cc84a1a62497c1e436142fe28048a2b4d133905814a1808bc5b3e45eaa9eaebd946bee806968aeeb5a9eed87eba3d25d0b412a1b4cf2d419a58b09fc275c4395a0bd332eb538321465043e5967dd22459d0f52190a37f93ab823431a81fa6f54de61637fd473e19a6f567fead100e7d8cac149b66ebe9973af846146c62065a64854ed21e8b6f6fbe78474b753915a42efcb7da8ad18bacff8d69e0af1ca1f8174530a21820738412b100b54ee9b4a0dc22d5fe1cadecaea73fbfad087b19ce53177488d230539c5174f572a539d9d7c42698aa82bccf030ad393f25c10baa17e919f647d0e31877b7a6c1d8d86583f884a0c1da07b9b6dced06cdeb0094aa635a82f233b5993926b8970a0840ba116a7d20a40efb3bd03c4bdf380a2510a0a1ea69811ded68943c71218b42783b38959753978f222e1396b9b36dee2ce205122a000577cab29f48bff4f88c417e6bf5fb430d925596f29aca8677ca5a113aeaa5e0252ca17244d6c76e78ff1bbd81a71c4dfc72431d7f1126f8bdbf4056ee0f58a1bf83d53b1de07489541182dc4ee0f573c25b6c15dad930bc7a770b5a4f407d7a879db7185f15f80100000000000000739cc97db66ec6b925955d9a591808947fdd8d484ad27353230a449fdf87fc46c73b852fec931cfb6718acf3315bf5e577d00beb77c5514bc05d576a81345a03ad7aae74c5d2b77d45718348aed4fcbcd1441ff31b8f038824a989a9446a4a69367b228b3d174230b7320fc4d3c03368db573816dd0c04e65d6f8ce48283e76abdddbb965e0b2568e93c9cc5494a55421793f562c50c53f876cbde93c5cc7a3099c99d9775af010ba093f8a13b771782a3cfb24fbde6ef763e20c613164ab014d1906c4e098f1431b6b2886a155c4bac2911d7ee6a646f5913205ebd175e68975b93c330e4f9131788026b3b7cd5b6452c9e17452ac70000000000000000000000c71185f72436640fd4294fc3da230f9065095be47d7a848df12316c3c8b184fe110b061987fd79cf7d83443e69d08e2e839ae4fbe26ef7764f4870ef3bd0ec12eb45f60ca10dbfe329271f0bc93b28798e982e0dd32fc14bd4313c63b2dbb568f33fb45acad2dc7f438ea162c0709c0bbe1ea13e1e47399286e8143f400d7adf5f69e455706626814ee49274667f47769293451fd49885a152b8d2cf18febc7993f4a93893c6c7b7e46a230359ef2443e6bb9f50bb0faa5eaafd3ed6d551600c46b58a29fd7ccbbb0616f0be27302b683eccd742791d97f4a1daa0447f004426fd09b67d926f51525da63987bc73af35b28277879089b89fff6edab2fa1caf660a46a1a9f09e2d095b1c4be95c7c33dc81857f580e36c0a78d94dd879ee18de4a6475858d2ded2e3427ae007cc6f8e5e99aa146667f71ad83f3ddcf5db2dc396d7da499b65cd98125f20c284fc84d6a70be1de44b49c82022225292199c75cc26beab98dce4c331ed722f01d0d6314a72416814a565f4d90a5f8a255810f23541082f4b06f451e4724cd882f4d589600000000005854ca490d7df9cc293547c9a51aecc7a92f417f6a4d327737f1b198252358832dbe43507844a0cc112af4ce457c173fa64174ffd5ab9501eeb85508ebb60e169c0736c5960f2fe08735d6a7aa7c1f4a6433e77d3e547bbe6cf5b5d93a491ab4bba1ea7a1e6f37618b1d74cff3630d85a210092211be1ec12a30891eef590b19cdde055d626818c64e1c56b8918f33441a64b54946571b7bc70fb065d3bb1647f6f989ab8159e6d1cfa6c0ec7329d7d2263ca22144bf17d8692f03b592bd0f610096094da096233984e95b9a8216a6e60a104ae0bb5f77ac70b4390ea2cb6f6c40c928fae489f447240a25fd0a5bd9d5b6cd2a98f8804862922c11229c4e45c765e4d3348af3d3aadd5cc24b39437f1ea2df0000000000000000000000000022b90d93a267f3af4e02606f0ce6c2ffc404b575a09d6e625f3248689005eb4a9c8df3c67e6b2b759cab3a7bedf1b927cd8ba6d13b3e7d7279515e3d6d20"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)

12m15.928413695s ago: executing program 35 (id=334):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
close_range(r4, 0xffffffffffffffff, 0x2)
dup3(r0, r4, 0x80000)
epoll_create1(0x0)

10m2.859655201s ago: executing program 36 (id=732):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

8m23.265174004s ago: executing program 3 (id=972):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

8m22.208651608s ago: executing program 3 (id=977):
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x235, &(0x7f0000000500)={0x0, 0x4533, 0x10100, 0x0, 0x24c, 0x0, r1}, &(0x7f0000000880)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x201}, 0x1})
io_uring_enter(r2, 0x234f, 0xb1e6, 0x1, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r5, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd})

8m19.462617544s ago: executing program 3 (id=983):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @empty, 0xffffffff}, 0x1c)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xffffffff}, 0x1c)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698dfa871c51852e4451b57d037ad3c045942824251d7d17b5191584cdd4fbe40a27424d", "bcfd56f1373669caaa2f19935e6996c7096ffe4f3a4745a8f762b964", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000008095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffe01}, 0x94)
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f00000000c0)=0x2, 0x4)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

8m17.431567442s ago: executing program 3 (id=990):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'})

8m17.006268379s ago: executing program 3 (id=994):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x1005, 0x4)
r1 = syz_io_uring_setup(0x416d, &(0x7f0000000200)={0x0, 0x0, 0x10100, 0x0, 0x24e}, &(0x7f0000000480), &(0x7f00000000c0)=<r2=>0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
syz_io_uring_setup(0xa97, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x269, 0x0, r1}, &(0x7f0000000000)=<r4=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r4, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r1, 0x48e9, 0x7505, 0x0, 0x0, 0x0)

8m13.843811854s ago: executing program 3 (id=1005):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x28, 0x0, 0x4d, 0xffeff024}, {0x6, 0x0, 0xff}]}, 0x10)
sendmmsg(r1, &(0x7f0000001c00), 0x400000000000159, 0x40840)
syz_io_uring_setup(0x49b, &(0x7f0000000200)={0x0, 0x237b, 0x400, 0x7, 0x28b}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, 0x0, 0x0, 0x4)

8m12.296457581s ago: executing program 37 (id=1005):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x28, 0x0, 0x4d, 0xffeff024}, {0x6, 0x0, 0xff}]}, 0x10)
sendmmsg(r1, &(0x7f0000001c00), 0x400000000000159, 0x40840)
syz_io_uring_setup(0x49b, &(0x7f0000000200)={0x0, 0x237b, 0x400, 0x7, 0x28b}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, 0x0, 0x0, 0x4)

7m57.873270319s ago: executing program 6 (id=1046):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001000)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="28000000350001002bbd7004fedbdb250400000008000400020000000c0005"], 0x28}, 0x1, 0x0, 0x0, 0x20040050}, 0x24000080)

7m56.915013054s ago: executing program 6 (id=1049):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
modify_ldt$write(0x1, &(0x7f0000000000)={0x1001}, 0x10)
modify_ldt$write(0x1, &(0x7f0000000040)={0x3, 0x20001000, 0x4000, 0x0, 0x0, 0x1}, 0x10)

7m55.215786296s ago: executing program 6 (id=1051):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c1, &(0x7f0000001880)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2rrAwMpOZzWSNMZHNyu1+Ps0++8zznfk9k4fsbJEnH748Obqfx8MnX/wSWZZEZxjDOEliEJ1ofBULht8EAPAsOymK+L2Y2SSXRES2vbIAgC1a7+9/d9786VLKAgC26N677729f3Bw550ssrg7+fp4VP5nX/6cHd9/GB/HOB7Ea9GP04jqQWE3qqeFsnm3KIppNy8N4uZkejwqk5MPntbn3/8tosrvRT8GVdfZ00aVf+vgzl4+08pPyzqer68/LPO3ox8vnoUX8reX5GOUxquvtOq/Ff34+aP4JMZxvypinv9yL8/fLL794/P3y/LKfDI9HvWqcXPFziW/NAAAAAAAAAAAAAAAAAAAAAAAXGG36r1zepHfiJuTsqvef2fnNNLy17wxWNyfZ5ZPmhO19wcqimJaxPetLQXzoh44z3fjpW57Y0EAAAAAAAAAAAAAAAAAAAC4vh5/+tnR4Xj84NGFNJrdALoR8ee9iP96nmGr50asHtyrr3k4Hnfq5sKYp2m7J3aaMUnEyjLKSVzQbfm3xnPna24aP/xYTnCTE2atnteXT3B3+/NqVtfRYbL8Wr1oerJ6kXyXRszHpLHmtdJ/OlTEJssvXXqov/Hc0xeqxnTFmEhWFfbGr7M7V/ck52eRVnd1aXy3brTi59bGWq97ZLP4398rkmq3jt723owAAAAAAAAAAAAAAAAAAOCam3/6d8nBJyujncJHgQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4Iubf/79BY1qH1xicxqPH//MUAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuAb+CgAA//8HIVi7")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, 0x0, 0x32600)
creat(&(0x7f0000000040)='./bus\x00', 0x122dfb579e447c7a)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x441, 0x108)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000200)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x3, 0x0, 0x0, 0x4, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000007700000c00002000", "036c47c678082004cb59d654cb9b1b165263bdbcef549ba197fce47ddfdd753abd950100172a00ffffff00f7ffffff000000f3e7f20000000200000000000600", "b7326736181c208220fffff2ff00000000000000000e00", [0x4]})
syz_mount_image$hfsplus(&(0x7f0000001140), &(0x7f00000004c0)='./file1\x00', 0x804c10, &(0x7f0000000180)=ANY=[], 0xfe, 0x66b, &(0x7f0000001180)="$eJzs3c1vHGcdB/DvbDZ2Ni3BTZM2oEq1GgkQFolf5IK5YBBCPlSoKgfOVuI0VjZpsV3kVog6vF576B9QDr4gTkjcIxUOXODWG/KxEhKXXjCnRTuetdfrl66TxrtpP59o93lmnplnfs/vmZl9saIN8IW1MJH6gxRZmHhlvb28tTnT3NqcudupJxlNspHUk9SSFP9ttVofJvNJsdtN0VMe8P7y3GsffbL18c5SvXqU29eO269Htd1Gz+qNzrrxJGeq8hHs6+/GI/dX7EY+n+RqVcLAnU3S2udnf396t6VL47C9z51KjMDjVey8bh4wlpyvLvT2+4DOK2/tdKPr32if2/W+gwAAAIAnTT+fgb+8ne2sFxdOIRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4XNjY+/3/onrUOvXxFJ3f/x+p1qWqD5cXT7b5g8cVBwAAAAAAAACcohe3s531XOgst4ryb/4vlQuXyuen8lZWs5SVXMt6FrOWtaxkKslYV0cj64traytTfew5feie058S6GhVNj6bcQMAAAAAAADA58yvsrD3938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgGRXJmp0hxv2v1WGr1JOeSjLRXbCT/7NSfZA8GHQAAAACcgtFkO+u50FluFbmU5LnyO4BzeSv3spblrKWZpdwsvxfY+dRf29qcaW5tztxtPw72+/3/nCiMssfsfPdw+JGvlFs0civL5ZpruZE30szN1Mo9265U8XR67Ynrfjum4nuVPiO7WZXtkb9XlQe8e6LBHuWEX6aMlRk5u5uRySq2djae6czM4TN0wtnpPdJUarvBXuo50sj+wTxUzs9XZXs8vzsq5wPRm4nprrPvueNznnz9L3/66WRVH54h9edMVbbK58bBTMx0ZeL5fjJxu3nvzu1bqxNPWiYOmCwzcXl3eSE/yk8ykfG8mpUs5+dZzFqWMp4flrXFavKLrkv+iEzN71t69dMiGanO0J3JOllML5X7Xshyfpw3cjNLebn8N52pfDuzmc1c1wxfPn6Gy6u+tu+q35vm1pcODf7qN6pKI8nvq3I4tPP6TFdeu++5Y2Vb95q9LF3sI0snvDfWv1pV2sf4dVUOh95MTHVl4tnjM/GH8ray2rx3Z+X24pv9He7ie1WlfWb9NhkfnhtJ+3y52J6scmn/2dFue/bQtqmy7dJuW+1A2+Xdtp0rdePIK3Wkeg93sKfpsu35Q9tmyrYrXW2Hvd8CYOid/+b5kca/G/9ofND4TeN245VzPxj9zugLIzn717PfrU+e+VrtheLP+SC/3Pv8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzVt9+5s9hsLq30VFqt1rtHNPVZqVdHeMjdH6GS8X891T7yIU2dnzM7xXi+8nRyemMf1sr/Wq1WtaY4Yps//m1oEtWqDEXqBlQZ3D0JOB3X1+6+eX317Xe+tXx38fWl15fuzc3Ozk3Ozb48c/3WcnNpcud50FECj8Pei/6gIwEAAAAAAAAAAAD6dRr/nWDQYwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACebAsTqT9IkanJa5Pt5a3NmWb70anvbVlPUktS/CIpPkzmi6phrKu74qjjvL8899pHn2x9vNdXvbN97bj9+rNRPTKe5MxOef+z6u9GVR6rOG4Ixe4I55NcrUoYuP8HAAD//xokBkA=")
r2 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffc2}], 0x1, 0x7800, 0x0, 0x0)

7m52.580454014s ago: executing program 6 (id=1058):
r0 = gettid()
ioprio_get$pid(0x2, r0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x400200)
syz_open_dev$sndpcmc(0x0, 0x400, 0x10003)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01001800000000000000100000080000000000000000040000000000000e04000000000000000d0000"], 0x0, 0x2e}, 0x28)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0xa, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x21, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

7m51.660402223s ago: executing program 6 (id=1062):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x8001}]}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000000)=0xc77, 0x4)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

7m50.194615946s ago: executing program 6 (id=1065):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x4000064f)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x4c0f, 0x400, 0x3, 0x288}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x12a8f, 0xf264, 0x40, 0x0, 0x0)

7m34.961416973s ago: executing program 38 (id=1065):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x4000064f)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x4c0f, 0x400, 0x3, 0x288}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x12a8f, 0xf264, 0x40, 0x0, 0x0)

6m13.908812626s ago: executing program 2 (id=1226):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0x1410, 0x10100, 0x3, 0x1}, &(0x7f0000000080)=<r1=>0x0, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x54, 0x0, @fd, 0x0, 0x0, 0x0, {}, 0x1})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000005c0)={0x40, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x40}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5, 0x0, 0x40}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xe0004000}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
io_uring_enter(r0, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
futex_waitv(&(0x7f00000001c0)=[{0x6, &(0x7f0000000180)=0x6, 0x2}], 0x1, 0x0, 0x0, 0x1)

6m11.196482672s ago: executing program 2 (id=1233):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x4, @multicast2}, 0x10)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
pselect6(0x40, &(0x7f00000002c0)={0x0, 0x0, 0x3, 0x3, 0x0, 0x80, 0x4, 0x4}, 0x0, &(0x7f00000000c0)={0x3ff, 0x0, 0x7fff, 0x9, 0x0, 0x204, 0x7fffffff}, 0x0, 0x0)

6m7.563897456s ago: executing program 2 (id=1242):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000003080), 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x441c2, 0x0)
ftruncate(r2, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmmsg(r4, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r3, r2, 0x0, 0x578410eb)

5m59.841919913s ago: executing program 2 (id=1260):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffff30)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, 0x0, 0x4040)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
socket(0x40000000015, 0x5, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000300)={r1, r1, r1}, 0x0, 0x0, 0x0)

5m55.050155855s ago: executing program 2 (id=1271):
r0 = io_uring_setup(0x3c92, &(0x7f0000000100)={0x0, 0x3, 0x0, 0xffffffff, 0x2})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r3 = accept(r1, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="120000000400000004000000a4"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r4, &(0x7f0000000080), &(0x7f00000002c0)=@udp6=r3}, 0x20)
recvmsg$can_bcm(r3, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x0)
accept4$inet6(r3, 0x0, 0x0, 0x800)
close_range(r0, 0xffffffffffffffff, 0x0)

5m44.14971604s ago: executing program 2 (id=1296):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
accept4(r0, 0x0, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
msgsnd(0x0, 0x0, 0x8, 0x0)

5m28.938953216s ago: executing program 39 (id=1296):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
accept4(r0, 0x0, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
msgsnd(0x0, 0x0, 0x8, 0x0)

2m35.629496931s ago: executing program 0 (id=1673):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x2, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0xfffffffd)
r1 = socket$inet(0xa, 0x801, 0x84)
listen(r1, 0x8)
r2 = socket$inet(0xa, 0x801, 0x84)
r3 = socket$inet(0xa, 0x801, 0x84)
listen(r3, 0x8)
listen(r2, 0x8)
r4 = socket$inet6(0xa, 0x1, 0x8010000000000084)
listen(r4, 0x7)
r5 = socket$netlink(0x10, 0x3, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r5)
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1)

2m31.704745856s ago: executing program 0 (id=1677):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
r3 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000300)={{{@in=@local, @in6=@mcast2, 0x4e20, 0x0, 0x4e22, 0x419f, 0xa, 0x30, 0x40, 0x5c}, {0x4, 0x2, 0x4, 0x7, 0x3, 0x8000000000000001, 0x0, 0x4}, {0x4, 0x6, 0x7, 0x4}, 0x7, 0x0, 0x0, 0x1, 0x2, 0x3}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x42}, 0x4d6, 0x6c}, 0x2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3505, 0x1, 0x0, 0x6, 0x7, 0x4, 0x280000}}, 0xe8)
close(r3)

2m26.769264094s ago: executing program 0 (id=1695):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x2f)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x15, 0x1c, &(0x7f0000000000)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {0x7, 0x0, 0xb, 0x6, 0x0, 0x0, 0x5}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x1, 0xa, 0x9, 0x9}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x6, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

2m25.534148788s ago: executing program 0 (id=1686):
r0 = syz_usb_connect(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000700)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000680)={0x34, &(0x7f00000005c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
recvfrom$inet6(r1, &(0x7f0000000000)=""/45, 0x44, 0x0, 0x0, 0xffffffffffffffc3)
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000000)="48050000150019", 0x7}], 0x11d8)
r2 = memfd_create(0x0, 0x2)
syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r3 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r3, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

2m15.972640744s ago: executing program 0 (id=1700):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000340)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setgroups(0x400000000000026f, &(0x7f0000000080)=[0x0, 0xee00])

2m13.956504487s ago: executing program 0 (id=1712):
truncate(0x0, 0x42dc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000087}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioprio_get$pid(0x2, 0x0)

1m58.122196969s ago: executing program 40 (id=1712):
truncate(0x0, 0x42dc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000087}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioprio_get$pid(0x2, 0x0)

32.40519353s ago: executing program 8 (id=1860):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$binderfs(0x0, 0x0, 0x0, 0x2004000, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='numa_maps\x00')
preadv(r3, &(0x7f0000000000)=[{&(0x7f0000001200)=""/4112, 0x1010}], 0x1, 0x800, 0x0)
ioctl$SYNC_IOC_FILE_INFO(0xffffffffffffffff, 0xc0383e04, &(0x7f0000000140)={""/32, 0x0, 0x0, 0x0, 0x0, 0x0})

29.141465917s ago: executing program 8 (id=1846):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000280)={0x10000, 0x6, 0xc}, 0x18)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=ANY=[@ANYBLOB="1400000042000b06"], 0x14}}, 0x0)
recvmmsg(r3, &(0x7f0000015840)=[{{0x0, 0x0, 0x0}, 0xf7d}, {{0x0, 0x0, 0x0}, 0xd}, {{0x0, 0x0, 0x0}, 0x9}], 0x3, 0x2000, 0x0)
ioctl$AUTOFS_IOC_ASKUMOUNT(r1, 0x80049370, 0x0)

26.211966823s ago: executing program 8 (id=1851):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x1000000000000f, &(0x7f0000000180)=0x6, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000180), 0x244, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, 0x0, 0x0)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20002800)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x33, &(0x7f00000a2000)={0x1, &(0x7f0000000200)=[{0x6}]}, 0x10)

23.377406656s ago: executing program 7 (id=1857):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

23.310940827s ago: executing program 1 (id=1865):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
fcntl$setlease(r4, 0x400, 0x0)

22.625571275s ago: executing program 8 (id=1866):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0xc67e7be33bfcd098, &(0x7f0000000180)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

20.769964322s ago: executing program 9 (id=1867):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2a, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000000300)=""/102392, 0x18ff8)
iopl(0x3)
recvfrom$rxrpc(0xffffffffffffffff, 0x0, 0x0, 0x22, 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = mq_open(&(0x7f0000000580)='!\x7f\x00\xca\x00\x00\x00\f\x00vt\x00\x01E!\x05\x99\xb7|`', 0x6e93ebbbcc0884f2, 0x61, &(0x7f0000000480)={0x0, 0x2, 0x7})
mq_timedreceive(r2, &(0x7f0000000700)=""/200, 0xc8, 0x0, 0x0)

20.76877087s ago: executing program 1 (id=1868):
openat$ppp(0xffffffffffffff9c, 0x0, 0xc0802, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
socket(0x80000000000000a, 0x2, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
syz_emit_ethernet(0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r4=>0x0})
syz_usb_connect$cdc_ncm(0x0, 0x6e, 0x0, 0x0)
bind$can_j1939(r3, &(0x7f0000000100)={0x1d, r4, 0x0, {}, 0xfd}, 0x18)
connect$can_j1939(r3, &(0x7f0000000080)={0x1d, r4, 0x0, {0x0, 0x0, 0x2}, 0xfe}, 0x18)
sendmsg$can_j1939(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)='.', 0x1a000}}, 0x0)
sendmsg$can_j1939(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x20000081}, 0x480c4)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000480)=@newtfilter={0x24, 0x11, 0x1, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x74, r2, {0xfff3, 0x10}, {0xfff1, 0x9}, {0x2, 0x8}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x48040}, 0x20000050)

18.529140609s ago: executing program 8 (id=1869):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6(0xa, 0x2, 0x0)
shutdown(r4, 0x0)
recvmmsg(r4, &(0x7f0000008880), 0x45b, 0x44000102, 0x0)

17.456635856s ago: executing program 9 (id=1871):
r0 = getpid()
prlimit64(r0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="3000000003060101000000000000000001000005050001002489ba5fd81d1eec3745a8"], 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x90)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)

17.456452864s ago: executing program 4 (id=1872):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000540)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
fcntl$setpipe(r3, 0x407, 0x0)
write$FUSE_INIT(r3, &(0x7f0000000340)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x28, 0xd19e, 0x208480, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}}, 0x50)
vmsplice(r3, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x20000101}], 0x1, 0x0)
fcntl$setpipe(r3, 0x407, 0x2000000)

16.332397907s ago: executing program 7 (id=1874):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @multicast2}, 0x10)
setsockopt$inet_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1d}}}, 0x0, 0x0, 0x4, 0x0, "e83ae75240c2d658ec87bb53679fd0000078548ceb6c4414fab0919616e19aecedec1b76aea5922406b64cddaeb9d339ba3c01c2c7b8df8e61740b9af2d4d58654a4af0fa0ce1f830cc1eaf991fd00"}, 0xd8)
setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000040)=0xce, 0x4)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
sendmsg$inet(r3, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0x100120}], 0x1}, 0x0)

16.231651527s ago: executing program 1 (id=1875):
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_io_uring_setup(0x5ce, &(0x7f0000000480)={0x0, 0x9cd6, 0x80, 0x0, 0x34f}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x82e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0xb2752a96f73d6e14, 0x0, 0x0, 0x0, 0x23456})
io_uring_enter(r1, 0x47bc, 0x3000000, 0x0, 0x0, 0x0)

16.182630493s ago: executing program 4 (id=1876):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r4=>0x0})
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r5, &(0x7f0000000200)={0x1d, r4}, 0x10)
sendmsg$can_bcm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7fe68ca7e4d5d5bdbe70000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r4, @ANYRES64=r3, @ANYBLOB="3bf81bb9e9"], 0x20000600}}, 0x0)
sendmsg$sock(r5, &(0x7f0000001940)={&(0x7f00000002c0)=@sco={0x1f, @none}, 0x80, &(0x7f0000000000), 0x5, &(0x7f00000008c0)=[@timestamping={{0x14}}], 0x18}, 0x0)

14.990735658s ago: executing program 9 (id=1878):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xbf5ce000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x3, &(0x7f0000000000)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r3 = io_uring_setup(0x115c, &(0x7f0000000440)={0x0, 0x8270, 0x40, 0x3, 0x117})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000000640)=[{0x0}], 0x178)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff02"], 0x0}, 0x94)
io_uring_register$IORING_REGISTER_FILES(r3, 0x1e, &(0x7f0000000000)=[r3], 0x1)

13.251450064s ago: executing program 7 (id=1879):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xf, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x7000000)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="54000000020605000000000000000000000000000c00078008000640000019000500010006000000050005000200000005000400000000000900020073797a31000000000d000300686173683a6e6574"], 0x54}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x39}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x14, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000082}, 0x4000080)

12.952013439s ago: executing program 4 (id=1880):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(0xffffffffffffffff, 0x40146f2c, 0x0)
r3 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_SECURITY_KEYRING(r3, 0x110, 0x2, &(0x7f0000000040)='btrfs\x00', 0x6)

12.10794079s ago: executing program 5 (id=1881):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x1)
fchdir(r4)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000000040)=""/53, 0x2457a0be381e3a04)

12.069649055s ago: executing program 1 (id=1882):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x4}, 0x6d)
listen(r4, 0xfffffffc)
close_range(r3, 0xffffffffffffffff, 0x0)

11.129745129s ago: executing program 7 (id=1883):
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x7)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mlockall(0x7)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
r0 = open$dir(0x0, 0x2, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x22b)
fcntl$setstatus(r2, 0x4, 0x42000)
read$FUSE(r2, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r3, &(0x7f0000000000)=[{0x0}], 0x1)
syz_io_uring_setup(0x44cd, 0x0, 0x0, 0x0)

11.042504466s ago: executing program 9 (id=1884):
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
syz_usb_connect$cdc_ecm(0x0, 0x66, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$unix(r3, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000440)="ea", 0x1}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0xc800)
recvmmsg(r4, &(0x7f0000001140), 0x700, 0x2, 0x0)

9.724414759s ago: executing program 5 (id=1885):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
socket$inet6(0xa, 0x5, 0x1)
sendmsg$key(0xffffffffffffffff, 0x0, 0x4020)
close_range(r3, 0xffffffffffffffff, 0x0)

8.511692035s ago: executing program 7 (id=1886):
r0 = io_uring_setup(0x497c, &(0x7f00000001c0))
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f00000003c0)={{0x80, 0x2}, 'port1\x00', 0xe3, 0x1b1c07, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x101883, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0x40a85323, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

7.712760838s ago: executing program 5 (id=1887):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

7.49277383s ago: executing program 5 (id=1888):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mremap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$FS_IOC_SETFLAGS(r3, 0x40186f40, &(0x7f0000000440)=0x20000)

7.284100385s ago: executing program 9 (id=1889):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000540)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
fcntl$setpipe(r3, 0x407, 0x0)
write$FUSE_INIT(r3, &(0x7f0000000340)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x28, 0xd19e, 0x208480, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}}, 0x50)
vmsplice(r3, &(0x7f0000000140)=[{&(0x7f0000000100)="eb", 0x20000101}], 0x1, 0x0)
fcntl$setpipe(r3, 0x407, 0x2000000)

7.280788832s ago: executing program 4 (id=1890):
socket$kcm(0xa, 0x2, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
setsockopt$sock_attach_bpf(r0, 0x1, 0x50, &(0x7f0000000100), 0x48)

6.027648822s ago: executing program 7 (id=1891):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'wpan0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x500000000000000, 0x4000004}, 0x4)

5.982790867s ago: executing program 1 (id=1892):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20040080)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x28, r4, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x28}}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r5)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r6, 0x7, 0x4, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x48050}, 0x0)
accept4$inet6(r0, 0x0, 0x0, 0x800)

5.920784025s ago: executing program 5 (id=1893):
socket$tipc(0x1e, 0x5, 0x0)

4.152266383s ago: executing program 8 (id=1894):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
fchdir(r3)
r4 = open(&(0x7f0000000100)='./bus\x00', 0x1031c2, 0x20)
ftruncate(r4, 0x2007ffb)
close(r4)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)

1.631216646s ago: executing program 4 (id=1895):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000000000002}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x2a020400)
r3 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x0)
openat$vsock(0xffffffffffffff9c, 0x0, 0x200940, 0x0)

1.588250059s ago: executing program 5 (id=1896):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x8000, 0x8027, 0xffffffff, 0x3, {{0x7, 0x4, 0x1, 0x9, 0x1c, 0x65, 0x0, 0xc, 0x4, 0x0, @local, @rand_addr=0x64010101, {[@generic={0x88, 0x7, "14b79dce6a"}]}}}}})
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
write$tun(0xffffffffffffffff, 0x0, 0x42)
syz_emit_ethernet(0x3e, &(0x7f00000002c0)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x6, 0x0, 0x0, 0xfa, 0x9, {0x5, 0x4, 0x0, 0x1c, 0xfff6, 0x65, 0x5, 0x1, 0x4, 0x3, @private=0xa010102, @local}}}}}}, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, &(0x7f0000000040)={0x1, 0x1, 0x2, 0x4b, @vifc_lcl_addr=@dev={0xac, 0x14, 0x14, 0x3e}, @broadcast}, 0x10)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x40000)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f00000000c0)={@multicast1=0x1c, @empty=0xe0000300, 0x0, "8a79348df081496d0420922f45a71c1daa8b610468cd140526c41efcd3a4a422", 0x3, 0x1, 0x85}, 0x3c)

1.295454353s ago: executing program 9 (id=1897):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

240.665038ms ago: executing program 4 (id=1898):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0xf0, 0x2b8, 0xb0000010, 0xf0, 0x5c8f0200, 0x1e0, 0x3a8, 0x3a8, 0x1e0, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [0x0, 0xffffffff], [0x0, 0x0, 0xff0000ff], 'vlan1\x00', 'veth0_to_team\x00', {}, {}, 0x0, 0x0, 0x4}, 0x0, 0xa8, 0xf0, 0x700}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x206, 'syz1\x00'}}}, {{@ipv6={@ipv4={'\x00', '\xff\xff', @empty}, @local, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffff00, 0xff, 0xffffffff, 0xff], 'netdevsim0\x00', 'dvmrp1\x00', {0xff}, {0xff}, 0x0, 0x79, 0x7, 0x2}, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x4695, 'syz1\x00', {0x1}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
socket$inet_tcp(0x2, 0x1, 0x0)
socket(0x10, 0x3, 0x0)
request_key(&(0x7f0000000040)='blacklist\x00', 0x0, 0x0, 0x0)
r3 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x161801)
ioctl$I2C_RDWR(r3, 0x707, &(0x7f0000000040)={&(0x7f0000000000), 0x1})

0s ago: executing program 1 (id=1899):
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000380)={{0x84, @rand_addr=0x64010104, 0x4e24, 0x3, 'nq\x00', 0x8, 0x5, 0x55}, {@remote, 0x4e22, 0x0, 0x7, 0x12d5c, 0x12d58}}, 0x44)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40002}, 0x0)
sendmsg$sock(r0, &(0x7f0000000940)={&(0x7f0000000300)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x80, &(0x7f00000008c0)=[{&(0x7f0000000540)="2b8982", 0x3}, {&(0x7f0000001400)="12b5ca8883a72c61be64d1809e4e551c8fcc795bacbc79d1a786c09a1861dfb427e430bee5b00ac73434620f11a914ef7cf7658efc365a26b43990993f60d4ffeb9cc31d7d5fc06ba7c3a4d828f40fca355cff79686f12971618904dc7d09e85e7a5f9194c4cae7983ee20f6c522b89ecc73c43438aad7dd15ff4738f5e4e1b7713142e7ff6cfc1b6cf7baba9ebf3b471cd0a72011fef02b46e280ad7a8c42d24bfb2ffe1518bc0fea207ec37a9e388c9dea8124df3f50a75f03df8d30d7b3b73e274042a52c058e1d85ef3b420b4dfce815cff6265e625a61b6fca9699edaadd192a3ae60c765260d1cbfb21f0cc30d8128b3783867b85873de07b02635d5573f9e578094a3ce6efbf44818daef38e14005a360909d226d7e13a86f6c83b6aaf615b6a2642d17bc2c56b8b0f8209e20ec1e0f58b0486493e511ab0a45b44a87340a9052ef5fba93c83753f1b101a744407f54d052188087c1cf43de80fd7bd5f3ce8585b5499959e6c3f5e17ae837d7c5627abb604947ad9906d641658f01464f48244182de8d5a8d037403ad4a964e2124177771a84806cda0682d58743928d2d16d83fd8b706a9669ac7605e8d857ac586dc2eda90715951c21bd116ade52f03cd61f3874aaefa77da678450228eb476d84bf175564a215e1683ced4bb9adba5daed835c6b38b61b213834aca56b86259784addb8601d26a42ad637ee296cd4382aaa7c1eaa5cbfa3a7177390bc646916aeb885d2dd43fc5b2dbbd2d184ba6cc6a439b95b5d814a8582405635b5c6bdb41c24af7a10bbd264eb2308a800a09705ac7856a7ac993cb4d88fea4cd1d5cf9e82e10c4badb996f4c0d5fd5866baf90a07d8777f793feb9250e22dd5190aa26c2a31412f1b41e0a65d0e435a9c5ebbf5205f6c6a117ce1fb16e8eb797e7d3eb5d62178dc0441941e9cb464814982ebe54195d73113efc971799121683f6e85d24ad6f21023868327b67446a36ebffda572b90f9b228a03b612e7e0ca09aac6b5710fc90f51c0efefb69b5d26ba9a1d8954832b1370d099d09c07fb2893d57d617ec0d626f1f96ee1608e0f8d9ca1b491578d639ac74b3ea568a474707ac756555d0ae9cdc609609e30d7ef2648fb8baa5854e58b60fac9ec9670c620ce6dcf3bbcca971cb5bf37462febde30e3865960627ceb15a11dd891160a2fcbb682c94a7de4e00fff20774364ffc4bfa31173261f1684dbbaa9addf0d9bc43539a7c09c6b98769aecf8529402bc66e37f0f20580e8e5f59ec48979957552fe17b897dcb4ed1a8d0fdf68d8c065c9d3501b387cf08c681326fcd79e7104eb50bc58a0140b594ad57b8d4be0c50f98e9c3e323d0a57001f8c6a094a7908315c7d7b33227861d2035649bb91daf77776e11159f3ebf7f3ed576adfc364f363e6f474dbbe3500c62c74193e7102fdf57b345066a6ebe47b4b469187631b586676e8e449fa215444366baf5d675f637a0f52c36a042d74957e94bd6d87061675da18128f69106970a9492d76dc312884bb7fcd88ca7e13f2914ba817724bc97ab634e845dfd1ab40344c33c7c202674ef959378abaf3f4fa038a6bbec31f5bd88f81240d2722dfa5e8621eb604db9ae06d49f0a56d64d525f3d41b367ed4d459f21baa3dc43c7cbe096f15bead83bc5ffe2f82128f2943a479556a39ab661bf0a86e0ad0520ab015112eeb06c13abc0da61cc6bf9508182d142696a4670fef7dcfa7a7e09f673c992f3acd4bafa7874c8bf9dc362943d7cd3c14d32bb7a8c3e3f1f55f500eca0c6fd0f199fefe601857e5307660c000cbd8f83f64e2afeb931f5dbba2d538f1c1d78c6ecd14af198f9e0ae4a8e2ef6cda63e059f5b3137946434418fd8920753c3ea5d054ad5d3da2749c94b23018be9495831a1ac647783823ac4f554bea483ee919824516f8d3d9d90753d69dd6375f0edafc98716d2aa7dbbf73208ee017fddec8c994cb5df3f74bfed87db0b88076c430495ce8a39b4b61003bb6c0e12a2f6d41a994537dadc0b389d5a1049e26b968d4aa8ded4fc38dec2ab5b14b5d0d0e24b37875e17d1066e0b04c807ef6712034f0cbd899e5cfd68143e0c3865c00a18fc7001fe9386acb55614fb7c739aef69bf21b8364e407fdb62e068359017714809d3a0b61b8bd046119f2a8e7", 0x600}, {&(0x7f0000000600)="bbc6351d5b17d69316ec14fbebe6d4f456979602ad91ae24f9a1da6834e77a49a31a836afb32294cf8453b100f60525874c6dd34f59950a10b18499cd72145cf42ccb624e5159a58257c6e1aed068f521cff", 0x52}, {&(0x7f0000000680)="cc18101d6bec7dadde1d231d7be01e1a3ebed24c1f1b0cacbb731e37f14830d34d9f1234d81e", 0x26}, {&(0x7f00000006c0)="2219a8d1a15d2cc1d9f7e487ed6138173c17bebef35e5c731961e6d1d07d4bc0a9699ac13447f29c363112c81f005fb311", 0x31}, {&(0x7f00000007c0)="ed26622fd0360a40065c0ffe78a852c80b38fe65736c69ddc47ae4aefda72140afd220d6ee665878574061a1007ea110da804ecb867677473c4675b9ece360dc3103f6090467044637e90a47a9063bf8da6fbdf1e2eaca25650375eb6132423f5040dd7979e927a4f1346c1e7e31754c74756c32f1a9ead67ab3355599daec701a048818cfa9cc130e71b74acec5147bce4f9e3d638014f9ffb41c61f79ab1908e31b784ecc94d53a28b9ba76c20f382e5f48d122cd554702a24b08920ffa72b937fe5419fa45d7a4881672d56", 0xcd}], 0x6}, 0x800)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

kernel console output (not intermixed with test programs):

arer <udp:syz2>, priority 10
[  208.136160][ T7082] 8021q: adding VLAN 0 to HW filter on device batadv0
[  208.795770][ T7249] netlink: 24 bytes leftover after parsing attributes in process `syz.6.292'.
[  208.851031][ T7251] netlink: 4 bytes leftover after parsing attributes in process `syz.6.292'.
[  209.151093][ T5905] tipc: Node number set to 2886997162
[  210.107662][ T7082] veth0_vlan: entered promiscuous mode
[  210.149937][ T7082] veth1_vlan: entered promiscuous mode
[  210.325579][ T7082] veth0_macvtap: entered promiscuous mode
[  210.365912][ T7082] veth1_macvtap: entered promiscuous mode
[  210.557432][ T7082] batman_adv: batadv0: Interface activated: batadv_slave_0
[  210.614037][ T7082] batman_adv: batadv0: Interface activated: batadv_slave_1
[  210.694910][ T1152] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.728182][ T1152] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.797109][ T1152] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.845331][ T1152] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  211.418728][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  211.579368][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  212.321631][   T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  212.349793][   T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  213.129786][ T7312] netlink: 8 bytes leftover after parsing attributes in process `syz.5.304'.
[  213.573628][ T7312] 8021q: adding VLAN 0 to HW filter on device bond2
[  213.721713][ T5905] libceph: connect (1)[c::]:6789 error -101
[  213.728418][ T5905] libceph: mon0 (1)[c::]:6789 connect error
[  213.823274][ T7322] ceph: No mds server is up or the cluster is laggy
[  214.144013][ T7329] binder_alloc: 7328: binder_alloc_buf size 16448 failed, no address space
[  214.202376][ T7329] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 12288 (num: 1 largest: 12288)
[  214.418558][ T7331] netlink: 'syz.2.308': attribute type 1 has an invalid length.
[  214.533058][ T7335] netlink: 28 bytes leftover after parsing attributes in process `syz.2.308'.
[  214.794728][ T7335] 8021q: adding VLAN 0 to HW filter on device bond1
[  216.145968][ T5833] Bluetooth: hci2: command 0x0406 tx timeout
[  216.153649][ T5833] Bluetooth: hci5: command 0x0406 tx timeout
[  216.159672][ T5837] Bluetooth: hci1: command 0x0406 tx timeout
[  216.954091][ T7361] netlink: 24 bytes leftover after parsing attributes in process `syz.8.317'.
[  217.039609][ T7361] netlink: 4 bytes leftover after parsing attributes in process `syz.8.317'.
[  218.110142][ T7378] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(5)
[  218.116492][ T7383] loop7: detected capacity change from 0 to 1024
[  218.116909][ T7378] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  218.257008][ T7378] vhci_hcd vhci_hcd.0: Device attached
[  218.270665][ T7383] EXT4-fs: Ignoring removed orlov option
[  218.388377][ T7383] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.534216][ T5905] usb 44-1: SetAddress Request (2) to port 0
[  218.556177][ T5905] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[  218.668839][ T7389] loop8: detected capacity change from 0 to 512
[  218.719288][ T7391] EXT4-fs error (device loop7): ext4_iget_extra_inode:5024: inode #15: comm syz.7.324: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  218.746139][ T7389] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  218.773680][ T7384] vhci_hcd: connection reset by peer
[  218.831326][ T7389] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  218.845791][ T1096] vhci_hcd vhci_hcd.5: stop threads
[  218.936551][ T7389] EXT4-fs (loop8): 1 truncate cleaned up
[  218.945072][ T7389] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.957934][ T1096] vhci_hcd vhci_hcd.5: release socket
[  219.002155][ T1096] vhci_hcd vhci_hcd.5: disconnect device
[  219.355888][ T6151] EXT4-fs error (device loop7): ext4_iget_extra_inode:5024: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  219.404064][ T6151] EXT4-fs error (device loop7): ext4_iget_extra_inode:5024: inode #15: comm syz-executor: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  220.440884][ T6151] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.351581][  T148] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.657882][ T7082] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.671855][  T148] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.969894][  T148] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.613197][ T7427] syz_tun: entered allmulticast mode
[  222.735438][ T5137] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  222.746747][ T5137] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  222.848046][  T148] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  222.871210][ T5137] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  222.884368][ T5137] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  222.892062][ T5137] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  223.597539][ T5966] libceph: connect (1)[c::]:6789 error -101
[  223.603647][ T5966] libceph: mon0 (1)[c::]:6789 connect error
[  223.665270][ T5905] usb 44-1: device descriptor read/8, error -110
[  223.814183][ T7452] ceph: No mds server is up or the cluster is laggy
[  223.869901][ T7465] loop6: detected capacity change from 0 to 2048
[  223.895237][ T5919] libceph: connect (1)[c::]:6789 error -101
[  223.928764][ T5919] libceph: mon0 (1)[c::]:6789 connect error
[  224.121562][ T7465] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  224.245715][ T5905] usb usb44-port1: attempt power cycle
[  224.371851][  T148] bridge_slave_1: left allmulticast mode
[  224.410572][  T148] bridge_slave_1: left promiscuous mode
[  224.441296][  T148] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.584640][  T148] bridge_slave_0: left allmulticast mode
[  224.597830][  T148] bridge_slave_0: left promiscuous mode
[  224.652543][  T148] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.694772][ T7475] random: crng reseeded on system resumption
[  224.867243][ T5905] usb usb44-port1: unable to enumerate USB device
[  224.960089][ T5842] Bluetooth: hci0: command tx timeout
[  226.828940][  T148] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  227.023399][ T5842] Bluetooth: hci0: command tx timeout
[  227.030891][  T148] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  227.140984][  T148] bond0 (unregistering): Released all slaves
[  227.241968][ T7440] chnl_net:caif_netlink_parms(): no params data found
[  227.610590][ T7502] loop6: detected capacity change from 0 to 512
[  227.755927][ T7502] EXT4-fs: Ignoring removed nomblk_io_submit option
[  227.776192][ T7502] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  227.792904][ T7502] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002]
[  227.878120][ T7502] EXT4-fs (loop6): orphan cleanup on readonly fs
[  227.929015][ T7502] Quota error (device loop6): v2_read_header: Failed header read: expected=8 got=0
[  227.958678][ T7502] EXT4-fs warning (device loop6): ext4_enable_quotas:7234: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  228.013146][ T7502] EXT4-fs (loop6): Cannot turn on quotas: error -22
[  228.041318][ T7502] EXT4-fs error (device loop6): ext4_validate_block_bitmap:440: comm syz.6.354: bg 0: block 40: padding at end of block bitmap is not set
[  228.075117][ T7506] loop0: detected capacity change from 0 to 256
[  228.093891][ T7506] exfat: Bad value for 'dmask'
[  228.173707][ T7502] loop6: lost filesystem error report for type 5 error -117
[  228.182800][    C1] EXT4-fs (loop6): error count since last fsck: 1
[  228.186683][ T7511] smc: net device bond0 applied user defined pnetid SYZ2
[  228.193624][    C1] EXT4-fs (loop6): initial error at time 1771117738: ext4_validate_block_bitmap:440
[  228.193669][    C1] EXT4-fs (loop6): last error at time 1771117738: ext4_validate_block_bitmap:440
[  228.197630][ T7512] netlink: 14 bytes leftover after parsing attributes in process `syz.8.356'.
[  228.243120][ T7502] EXT4-fs (loop6): Remounting filesystem read-only
[  228.293214][ T7502] EXT4-fs (loop6): 1 truncate cleaned up
[  228.335516][ T7502] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  228.452974][ T7502] netlink: 8 bytes leftover after parsing attributes in process `syz.6.354'.
[  228.502407][ T7512] smc: removing net device bond0 with user defined pnetid SYZ2
[  228.531748][ T7512] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  228.559651][ T7512] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  228.578292][ T7512] bond0 (unregistering): Released all slaves
[  228.741019][  T148] hsr_slave_0: left promiscuous mode
[  228.761615][  T148] hsr_slave_1: left promiscuous mode
[  228.774250][  T148] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  228.781652][  T148] batman_adv: batadv0: Removing interface: batadv_slave_0
[  228.847144][  T148] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  228.863437][  T148] batman_adv: batadv0: Removing interface: batadv_slave_1
[  228.915977][  T148] veth1_macvtap: left promiscuous mode
[  228.921493][  T148] veth0_macvtap: left promiscuous mode
[  228.963257][  T148] veth1_vlan: left promiscuous mode
[  228.968647][  T148] veth0_vlan: left promiscuous mode
[  229.113587][ T5842] Bluetooth: hci0: command tx timeout
[  229.752593][  T148] team0 (unregistering): Port device team_slave_1 removed
[  229.792559][  T148] team0 (unregistering): Port device team_slave_0 removed
[  230.410615][ T6149] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.473095][ T7440] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.480256][ T7440] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.553005][ T7440] bridge_slave_0: entered allmulticast mode
[  230.561140][ T7440] bridge_slave_0: entered promiscuous mode
[  230.632138][ T7440] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.670667][ T7440] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.742446][ T7440] bridge_slave_1: entered allmulticast mode
[  231.024470][ T7440] bridge_slave_1: entered promiscuous mode
[  231.182963][ T5842] Bluetooth: hci0: command tx timeout
[  231.597721][ T5137] Bluetooth: hci1: unexpected event for opcode 0x200a
[  231.822053][ T7440] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  231.881221][ T7440] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  232.628053][ T7440] team0: Port device team_slave_0 added
[  232.645854][ T7440] team0: Port device team_slave_1 added
[  232.816679][ T7596] fuse: Bad value for 'fd'
[  232.825812][ T7440] batman_adv: batadv0: Adding interface: batadv_slave_0
[  232.833182][ T7440] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  232.963218][ T7440] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  233.004755][ T7440] batman_adv: batadv0: Adding interface: batadv_slave_1
[  233.022725][ T7440] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  233.094712][ T7440] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.147268][ T7599] ip6gre1: entered promiscuous mode
[  233.156317][ T7599] ip6gre1: entered allmulticast mode
[  233.441383][ T7440] hsr_slave_0: entered promiscuous mode
[  233.515538][ T7440] hsr_slave_1: entered promiscuous mode
[  233.521987][ T7440] debugfs: 'hsr0' already exists in 'hsr'
[  233.579759][ T7440] Cannot create hsr debugfs directory
[  233.593185][ T5842] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  233.606849][ T5137] Bluetooth: hci4: command 0x1003 tx timeout
[  235.375028][ T7440] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  235.460402][ T7440] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  235.549681][ T7440] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  235.635655][ T7440] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  236.199082][ T7651] warning: `syz.6.384' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  236.482166][ T7440] 8021q: adding VLAN 0 to HW filter on device bond0
[  236.626593][ T7440] 8021q: adding VLAN 0 to HW filter on device team0
[  236.703872][ T7568] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.711028][ T7568] bridge0: port 1(bridge_slave_0) entered forwarding state
[  236.770579][ T7568] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.777748][ T7568] bridge0: port 2(bridge_slave_1) entered forwarding state
[  237.855584][ T7676] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  238.170276][ T7440] 8021q: adding VLAN 0 to HW filter on device batadv0
[  240.139499][ T7712] netlink: 'syz.2.398': attribute type 12 has an invalid length.
[  241.065631][ T7724] loop8: detected capacity change from 0 to 32768
[  241.143678][ T7724] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.401 (7724)
[  241.241153][ T7724] BTRFS info (device loop8): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  241.251529][ T7724] BTRFS info (device loop8): using blake2b checksum algorithm
[  241.390112][ T7440] veth0_vlan: entered promiscuous mode
[  241.420922][ T7724] BTRFS info (device loop8): enabling ssd optimizations
[  241.428324][ T7724] BTRFS info (device loop8): turning on async discard
[  241.435236][ T7724] BTRFS info (device loop8): enabling free space tree
[  241.528795][ T7440] veth1_vlan: entered promiscuous mode
[  241.743544][ T5137] Bluetooth: hci3: command 0x0406 tx timeout
[  241.771827][ T7440] veth0_macvtap: entered promiscuous mode
[  241.795841][ T7440] veth1_macvtap: entered promiscuous mode
[  241.853484][ T7440] batman_adv: batadv0: Interface activated: batadv_slave_0
[  241.983376][   T30] audit: type=1800 audit(1771117752.730:84): pid=7724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.401" name="file1" dev="loop8" ino=260 res=0 errno=0
[  242.175179][   T30] audit: type=1800 audit(1771117752.940:85): pid=7747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.401" name="file1" dev="loop8" ino=260 res=0 errno=0
[  242.204905][ T7440] batman_adv: batadv0: Interface activated: batadv_slave_1
[  242.354535][  T148] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  242.392858][  T148] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  242.442387][  T148] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  242.488166][ T7750] binder: 7749:7750 ioctl c0306201 2000000003c0 returned -14
[  242.505888][  T148] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  242.894225][ T7082] BTRFS info (device loop8): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  243.090811][  T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  243.170145][  T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  243.563992][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  243.639043][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  247.529267][ T7800] input input10: cannot allocate more than FF_MAX_EFFECTS effects
[  248.203633][ T7807] binder: BINDER_SET_CONTEXT_MGR already set
[  248.240561][ T7807] binder: 7805:7807 ioctl 4018620d 2000000002c0 returned -16
[  248.304594][ T7811] netlink: 4 bytes leftover after parsing attributes in process `syz.0.419'.
[  248.364400][ T7814] netlink: 4 bytes leftover after parsing attributes in process `syz.0.419'.
[  249.373230][ T5905] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  250.852885][ T5905] usb 9-1: Using ep0 maxpacket: 16
[  250.873901][ T5905] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  250.920209][ T5905] usb 9-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  250.987055][ T5905] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.030860][ T5905] usb 9-1: config 0 descriptor??
[  251.089443][ T5905] input: bcm5974 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/input/input11
[  254.994566][ T7874] delete_channel: no stack
[  255.027597][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  255.038640][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  257.103109][ T5171] bcm5974 9-1:0.0: could not read from device
[  257.577796][ T5905] bcm5974 9-1:0.0: could not read from device
[  257.762859][ T5171] bcm5974 9-1:0.0: could not read from device
[  258.099565][ T5905] input: failed to attach handler mousedev to device input11, error: -5
[  258.349649][ T5171] bcm5974 9-1:0.0: could not read from device
[  258.446938][ T5905] usb 9-1: USB disconnect, device number 2
[  262.626686][ T7969] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  263.616976][ T7994] binder: 7993:7994 ioctl c0306201 200000000640 returned -22
[  264.029722][ T8000] loop0: detected capacity change from 0 to 512
[  264.060514][ T8000] EXT4-fs: Ignoring removed oldalloc option
[  264.665961][ T8000] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.030443][ T5835] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.203916][ T8014] tipc: Started in network mode
[  265.239383][ T8014] tipc: Node identity 4, cluster identity 4711
[  265.271462][ T8014] tipc: Node number set to 4
[  266.890382][ T8030] ref_ctr increment failed for inode: 0x172 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff88806b7c9880
[  270.270677][ T8071] capability: warning: `syz.9.483' uses deprecated v2 capabilities in a way that may be insecure
[  276.535759][ T8129] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.498'.
[  276.658171][ T8130] loop0: detected capacity change from 0 to 32768
[  276.677139][ T8130] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.497 (8130)
[  276.733507][ T8130] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  276.743693][ T8130] BTRFS info (device loop0): using blake2b checksum algorithm
[  276.917804][ T8130] BTRFS info (device loop0): enabling ssd optimizations
[  276.924808][ T8130] BTRFS info (device loop0): turning on async discard
[  276.931570][ T8130] BTRFS info (device loop0): enabling free space tree
[  277.012245][   T30] audit: type=1800 audit(1771117787.770:86): pid=8127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.497" name="file1" dev="loop0" ino=260 res=0 errno=0
[  277.114981][   T30] audit: type=1800 audit(1771117787.880:87): pid=8130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.497" name="file1" dev="loop0" ino=260 res=0 errno=0
[  277.950205][ T5835] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  279.276355][ T5891] IPVS: starting estimator thread 0...
[  279.497134][ T8173] IPVS: using max 22 ests per chain, 52800 per kthread
[  280.238847][ T1150] wlan1: Trigger new scan to find an IBSS to join
[  280.728118][ T8191] binder: 8190:8191 ioctl c0306201 2000000003c0 returned -14
[  280.834800][ T5966] Process accounting resumed
[  280.871851][ T8186] Process accounting resumed
[  280.999534][ T8194] tipc: Started in network mode
[  281.028163][ T8194] tipc: Node identity 4, cluster identity 4711
[  281.071016][ T8194] tipc: Node number set to 4
[  283.384891][    T9] IPVS: starting estimator thread 0...
[  283.492904][ T8244] IPVS: using max 29 ests per chain, 69600 per kthread
[  283.823555][ T5966] Process accounting resumed
[  283.832571][ T8248] Process accounting resumed
[  284.042241][ T1152] bridge_slave_1: left allmulticast mode
[  284.068604][ T1152] bridge_slave_1: left promiscuous mode
[  284.096712][ T1152] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.160101][ T1152] bridge_slave_0: left allmulticast mode
[  284.176057][ T1152] bridge_slave_0: left promiscuous mode
[  284.204487][ T1152] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.252959][ T7568] wlan1: Trigger new scan to find an IBSS to join
[  285.073718][ T1152] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  285.203107][   T12] wlan1: Trigger new scan to find an IBSS to join
[  285.212012][ T1152] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  285.299346][ T1152] bond0 (unregistering): Released all slaves
[  287.228733][ T5891] IPVS: starting estimator thread 0...
[  287.309323][ T1096] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00
[  287.392832][ T8296] IPVS: using max 31 ests per chain, 74400 per kthread
[  287.847161][ T8303] overlayfs: failed to clone upperpath
[  288.158872][   T76] wlan1: Trigger new scan to find an IBSS to join
[  288.453284][ T5919] Process accounting resumed
[  288.480420][ T8311] Process accounting resumed
[  288.647416][ T5919] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  288.703626][ T1152] hsr_slave_0: left promiscuous mode
[  288.757896][ T1152] hsr_slave_1: left promiscuous mode
[  288.873201][ T5919] usb 1-1: config 0 has no interfaces?
[  288.898978][ T5919] usb 1-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  288.974218][ T5919] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.009868][   T30] audit: type=1804 audit(1771117799.750:88): pid=8324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.550" name="/newroot/32/file0" dev="tmpfs" ino=192 res=1 errno=0
[  289.024425][ T5919] usb 1-1: config 0 descriptor??
[  290.189498][ T5891] usb 1-1: USB disconnect, device number 2
[  290.206944][ T7414] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00
[  291.517381][ T1152] team0 (unregistering): Port device team_slave_1 removed
[  291.643030][ T8347] loop0: detected capacity change from 0 to 1024
[  291.672008][ T1152] team0 (unregistering): Port device team_slave_0 removed
[  291.744905][ T8347] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  292.232153][ T8358] overlayfs: failed to clone upperpath
[  292.267503][ T8332] batman_adv: batadv0: Adding interface: dummy0
[  292.292833][ T8332] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  292.359685][ T8332] batman_adv: batadv0: Interface activated: dummy0
[  292.413390][ T5835] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.432203][ T8335] batadv0: mtu less than device minimum
[  292.469132][ T8335] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  292.481156][ T8335] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  292.492813][ T8335] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  292.504304][ T8335] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  292.515762][ T8335] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  292.527242][ T8335] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  292.538762][ T8335] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  292.550228][ T8335] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  292.561702][ T8335] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  292.620146][ T8341] tipc: Started in network mode
[  292.625175][ T8341] tipc: Node identity 4, cluster identity 4711
[  292.660665][ T8341] tipc: Node number set to 4
[  292.683586][ T8352] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  293.124198][ T8374] loop8: detected capacity change from 0 to 512
[  293.160342][ T8374] EXT4-fs: Ignoring removed nobh option
[  294.285253][ T8374] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.419387][ T8374] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  295.983733][ T7082] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.612049][   T30] audit: type=1800 audit(1771117810.370:89): pid=8444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.578" name="/" dev="fuse" ino=1 res=0 errno=0
[  302.591034][ T8488] netlink: 'syz.8.590': attribute type 2 has an invalid length.
[  302.939958][ T8489] netlink: 'syz.6.588': attribute type 4 has an invalid length.
[  306.979305][ T8541] 
[  314.121653][ T8613] loop8: detected capacity change from 0 to 2048
[  314.256479][ T8613]  loop8: p1 < > p4
[  314.275590][ T8613] loop8: p4 size 8388608 extends beyond EOD, truncated
[  314.602455][ T5186]  loop8: p1 < > p4
[  314.616519][ T5186] loop8: p4 size 8388608 extends beyond EOD, truncated
[  314.687032][ T8617] io-wq is not configured for unbound workers
[  314.761226][ T5823] udevd[5823]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  314.789117][ T7375] udevd[7375]: inotify_add_watch(7, /dev/loop8p4, 10) failed: No such file or directory
[  315.030305][ T8621] netlink: 'syz.6.620': attribute type 2 has an invalid length.
[  316.350471][ T8630] overlayfs: failed to clone upperpath
[  316.468355][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  316.480625][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  317.988162][   T76] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  318.571523][ T5842] Bluetooth: hci6: command 0x0406 tx timeout
[  319.719242][ T8659] overlayfs: failed to clone upperpath
[  320.204084][ T7414] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  320.402298][ T8665] batman_adv: batadv0: Adding interface: dummy0
[  320.512933][ T8665] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  320.617862][ T8665] batman_adv: batadv0: Interface activated: dummy0
[  321.141094][ T8671] net_ratelimit: 10 callbacks suppressed
[  321.141114][ T8671] batadv0: mtu less than device minimum
[  321.160482][ T8671] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  321.172474][ T8671] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  321.184407][ T8671] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  321.196322][ T8671] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  321.208258][ T8671] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  321.220176][ T8671] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  321.232106][ T8671] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  321.244086][ T8671] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  321.256005][ T8671] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  324.520865][ T8682] overlayfs: failed to clone upperpath
[  324.984427][ T8695] netlink: 4 bytes leftover after parsing attributes in process `syz.6.645'.
[  330.393487][ T8770] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  331.653943][ T8786] netlink: 'syz.9.663': attribute type 1 has an invalid length.
[  332.071849][ T8791] gretap1: entered promiscuous mode
[  332.140264][ T8791] bond1: (slave gretap1): making interface the new active one
[  332.186440][ T8791] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  334.036172][ T8828] netlink: 4 bytes leftover after parsing attributes in process `syz.2.676'.
[  335.558309][ T8853] netlink: 40 bytes leftover after parsing attributes in process `syz.9.679'.
[  336.503902][ T8856] binder: BINDER_SET_CONTEXT_MGR already set
[  336.534412][ T8856] binder: 8855:8856 ioctl 4018620d 200000004a80 returned -16
[  337.503903][ T8876] Illegal XDP return value 105091128 on prog  (id 64) dev syz_tun, expect packet loss!
[  338.139484][ T8889] overlayfs: failed to clone upperpath
[  338.459537][ T8896] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  338.588062][ T8896] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  338.730080][ T8905] netlink: 40 bytes leftover after parsing attributes in process `syz.5.694'.
[  339.583540][ T8894] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  340.844295][ T8925] netlink: 12 bytes leftover after parsing attributes in process `syz.6.701'.
[  343.182999][ T5891] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  343.462839][ T5891] usb 10-1: Using ep0 maxpacket: 32
[  343.472035][ T5891] usb 10-1: config 0 has an invalid interface number: 67 but max is 0
[  343.511448][ T5891] usb 10-1: config 0 has no interface number 0
[  343.625670][ T8966] netlink: 40 bytes leftover after parsing attributes in process `syz.2.709'.
[  344.411751][ T5891] usb 10-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  344.421194][ T5891] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  344.429536][ T5891] usb 10-1: Product: syz
[  344.435327][ T5891] usb 10-1: Manufacturer: syz
[  344.440019][ T5891] usb 10-1: SerialNumber: syz
[  344.542146][ T5891] usb 10-1: config 0 descriptor??
[  345.093809][ T5891] smsc95xx 10-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  345.124465][ T5891] smsc95xx 10-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  346.766933][ T5891] smsc95xx 10-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000038: -71
[  346.783861][ T5891] smsc95xx 10-1:0.67: probe with driver smsc95xx failed with error -71
[  346.802511][ T5891] usb 10-1: USB disconnect, device number 2
[  349.272506][ T5842] Bluetooth: hci0: command 0x0406 tx timeout
[  349.375506][ T9000] netlink: 156 bytes leftover after parsing attributes in process `syz.2.721'.
[  349.729302][ T9008] loop9: detected capacity change from 0 to 512
[  350.246739][ T9008] EXT4-fs: Ignoring removed nomblk_io_submit option
[  350.339884][ T9008] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  350.387455][ T9008] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  350.600590][ T9008] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:4223: comm syz.9.725: Allocating blocks 41-42 which overlap fs metadata
[  350.641669][ T9008] loop9: lost filesystem error report for type 5 error -117
[  350.643137][    C1] EXT4-fs (loop9): initial error at time 1771117861: ext4_mb_mark_diskspace_used:4223
[  350.645624][ T9020] netlink: 9 bytes leftover after parsing attributes in process `syz.6.727'.
[  350.650481][    C1] 
[  350.671614][    C1] EXT4-fs (loop9): last error at time 1771117861: ext4_mb_mark_diskspace_used:4223
[  350.698838][ T9008] EXT4-fs (loop9): Remounting filesystem read-only
[  350.753135][ T9008] Quota error (device loop9): write_blk: dquota write failed
[  350.760906][ T9008] Quota error (device loop9): find_free_dqentry: Can't write quota data block 5
[  350.782401][ T9020] netlink: 9 bytes leftover after parsing attributes in process `syz.6.727'.
[  350.859696][ T9008] Quota error (device loop9): write_blk: dquota write failed
[  350.886060][ T9008] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  350.932706][ T9008] EXT4-fs (loop9): 1 truncate cleaned up
[  350.978480][ T9008] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.970939][ T7440] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.398305][ T7568] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.153665][ T1150] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  354.300511][ T9041] bond0: (slave ip6gretap1): Enslaving as an active interface with an up link
[  354.525282][ T7568] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.696359][ T7568] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.941590][ T7568] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  355.543235][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  355.558626][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  355.678624][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  355.728840][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  355.742878][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  355.920207][ T9064] binder: BINDER_SET_CONTEXT_MGR already set
[  355.936477][ T9064] binder: 9063:9064 ioctl 4018620d 200000000100 returned -16
[  356.175690][ T7568] bridge_slave_1: left allmulticast mode
[  356.313125][ T7568] bridge_slave_1: left promiscuous mode
[  356.318952][ T7568] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.524422][ T7568] bridge_slave_0: left allmulticast mode
[  356.530205][ T7568] bridge_slave_0: left promiscuous mode
[  356.563075][ T7568] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.643878][ T7568] bond1 (unregistering): (slave gretap1): Releasing active interface
[  358.121105][ T7568] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  358.142900][ T5842] Bluetooth: hci0: command tx timeout
[  358.232435][ T7568] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  358.349367][ T7568] bond0 (unregistering): Released all slaves
[  358.421772][ T7568] bond1 (unregistering): Released all slaves
[  358.764545][ T7568] tipc: Left network mode
[  359.499071][ T9106] 8021q: adding VLAN 0 to HW filter on device bond0
[  359.592211][ T9108] evm: overlay not supported
[  359.691179][ T9106] bond0: (slave ip6gretap1): Enslaving as an active interface with an up link
[  359.956679][ T7568] hsr_slave_0: left promiscuous mode
[  359.995747][ T7568] hsr_slave_1: left promiscuous mode
[  360.008048][ T7568] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  360.041744][ T7568] batman_adv: batadv0: Removing interface: batadv_slave_0
[  360.075509][ T7568] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  360.094183][ T7568] batman_adv: batadv0: Removing interface: batadv_slave_1
[  360.156170][ T7568] veth1_macvtap: left promiscuous mode
[  360.163574][ T7568] veth0_macvtap: left promiscuous mode
[  360.179569][ T7568] veth1_vlan: left promiscuous mode
[  360.196264][ T7568] veth0_vlan: left promiscuous mode
[  360.224182][ T5842] Bluetooth: hci0: command tx timeout
[  361.771690][ T7568] team0 (unregistering): Port device team_slave_1 removed
[  361.826545][ T7568] team0 (unregistering): Port device team_slave_0 removed
[  363.002322][ T5842] Bluetooth: hci0: command tx timeout
[  365.803370][ T5842] Bluetooth: hci0: command tx timeout
[  366.512886][ T9131] netlink: 8 bytes leftover after parsing attributes in process `syz.8.756'.
[  366.993485][ T9164] netlink: 4 bytes leftover after parsing attributes in process `syz.0.767'.
[  367.065525][ T9165] netlink: 4 bytes leftover after parsing attributes in process `syz.0.767'.
[  367.164150][ T9165] netlink: 4 bytes leftover after parsing attributes in process `syz.0.767'.
[  367.266294][ T9058] chnl_net:caif_netlink_parms(): no params data found
[  367.401739][ T9171] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  368.102138][ T9058] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.147842][ T9058] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.203594][ T9058] bridge_slave_0: entered allmulticast mode
[  368.282943][ T9058] bridge_slave_0: entered promiscuous mode
[  368.374818][ T9189] netlink: 'syz.0.772': attribute type 4 has an invalid length.
[  368.497369][ T9058] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.540433][ T9058] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.584279][ T9058] bridge_slave_1: entered allmulticast mode
[  368.611837][ T9058] bridge_slave_1: entered promiscuous mode
[  368.731512][ T7568] IPVS: stop unused estimator thread 0...
[  369.136375][ T9058] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  369.223493][ T9058] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  369.381768][ T9058] team0: Port device team_slave_0 added
[  369.426844][ T9058] team0: Port device team_slave_1 added
[  369.659004][ T9058] batman_adv: batadv0: Adding interface: batadv_slave_0
[  369.711032][ T9058] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  369.824506][ T5842] Bluetooth: hci5: unexpected event for opcode 0x0413
[  369.829434][ T9058] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  369.831702][ T5842] Bluetooth: hci5: SCO packet for unknown connection handle 200
[  369.937692][ T9058] batman_adv: batadv0: Adding interface: batadv_slave_1
[  370.020869][ T9058] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  370.075556][ T9210] 9pnet: p9_errstr2errno: server reported unknown error 0x0
[  370.155625][ T9058] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  371.439710][ T9058] hsr_slave_0: entered promiscuous mode
[  371.475812][ T9058] hsr_slave_1: entered promiscuous mode
[  371.489234][ T9058] debugfs: 'hsr0' already exists in 'hsr'
[  371.539190][ T9058] Cannot create hsr debugfs directory
[  371.643172][ T9226] overlayfs: failed to clone upperpath
[  374.143362][ T5842] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  374.152122][ T5842] Bluetooth: hci5: Injecting HCI hardware error event
[  374.163231][ T5842] Bluetooth: hci5: hardware error 0x00
[  375.319126][ T9058] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  375.388715][ T9058] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  375.489141][ T9058] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  375.575377][ T9058] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  376.047755][ T9058] 8021q: adding VLAN 0 to HW filter on device bond0
[  376.192594][ T9058] 8021q: adding VLAN 0 to HW filter on device team0
[  376.315816][  T148] bridge0: port 1(bridge_slave_0) entered blocking state
[  376.323070][  T148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  376.527965][ T5842] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  376.802069][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  376.809338][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  378.003699][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  378.012553][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  380.950090][ T9058] 8021q: adding VLAN 0 to HW filter on device batadv0
[  382.499253][ T9058] veth0_vlan: entered promiscuous mode
[  382.660754][ T9058] veth1_vlan: entered promiscuous mode
[  384.828349][ T9058] veth0_macvtap: entered promiscuous mode
[  385.695979][ T1150] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  385.741461][ T9058] veth1_macvtap: entered promiscuous mode
[  385.855563][ T9058] batman_adv: batadv0: Interface activated: batadv_slave_0
[  386.110242][ T9058] batman_adv: batadv0: Interface activated: batadv_slave_1
[  386.297625][ T9382] ip6t_rpfilter: unknown options
[  387.004342][ T7568] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  387.017442][ T7568] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  387.124122][ T7568] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  387.182951][ T7568] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  388.085359][  T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  388.093270][ T9395] netlink: 12 bytes leftover after parsing attributes in process `syz.8.817'.
[  388.221781][  T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  388.301308][ T9395] smc: adding net device bond0 with user defined pnetid SYZ2
[  388.319014][ T9395] 8021q: adding VLAN 0 to HW filter on device bond0
[  389.594408][ T9397] 8021q: adding VLAN 0 to HW filter on device bond0
[  389.645216][ T9397] bond0: (slave vxcan3): The slave device specified does not support setting the MAC address
[  389.718953][ T9397] bond0: (slave vxcan3): Error -95 calling set_mac_address
[  389.781164][ T9408] netlink: 4 bytes leftover after parsing attributes in process `syz.5.820'.
[  389.985378][ T9408] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  390.017054][ T9408] batman_adv: batadv0: Removing interface: batadv_slave_0
[  390.303982][ T9408] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  390.311431][ T9408] batman_adv: batadv0: Removing interface: batadv_slave_1
[  390.390846][ T9412] netlink: 17780 bytes leftover after parsing attributes in process `syz.6.821'.
[  391.455828][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  391.526315][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  395.752601][ T9453] netlink: 12 bytes leftover after parsing attributes in process `syz.0.831'.
[  395.975706][ T9459] netlink: 12 bytes leftover after parsing attributes in process `syz.0.831'.
[  400.220378][ T9502] netlink: 24 bytes leftover after parsing attributes in process `syz.0.844'.
[  406.772733][ T9545] tipc: Failed to remove unknown binding: 66,0,0/0:468791074/468791075
[  406.788474][ T9545] tipc: Failed to remove unknown binding: 66,0,0/0:468791074/468791075
[  411.443485][ T9596] syz.0.877 uses obsolete (PF_INET,SOCK_PACKET)
[  415.021782][ T9648] loop3: detected capacity change from 0 to 256
[  415.249119][ T9648] exFAT-fs (loop3): failed to test first cluster bit of root dir(5)
[  416.511652][ T9664] netlink: 'syz.6.893': attribute type 5 has an invalid length.
[  416.565560][ T9668] netlink: 'syz.6.893': attribute type 5 has an invalid length.
[  417.997788][ T1150] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  418.180788][ T9686] netlink: 'syz.3.882': attribute type 13 has an invalid length.
[  420.299185][ T9686] bridge0: port 2(bridge_slave_1) entered disabled state
[  420.306796][ T9686] bridge0: port 1(bridge_slave_0) entered disabled state
[  421.041588][ T9686] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  421.070166][ T9686] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  421.986335][ T9715] cgroup: fork rejected by pids controller in /syz6
[  423.625808][ T7414] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  423.642655][ T7414] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  423.735219][ T7414] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  423.798859][ T7414] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  429.051243][ T9811] loop8: detected capacity change from 0 to 1024
[  430.495142][ T9819] netlink: 'syz.0.908': attribute type 1 has an invalid length.
[  430.533202][ T9819] netlink: 4 bytes leftover after parsing attributes in process `syz.0.908'.
[  430.604260][ T9823] netlink: 24 bytes leftover after parsing attributes in process `syz.6.911'.
[  439.522305][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  439.542978][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  446.209529][ T9978] netlink: 'syz.8.946': attribute type 1 has an invalid length.
[  446.921144][ T9978] 8021q: adding VLAN 0 to HW filter on device bond1
[  447.112942][ T9984] vlan2: entered allmulticast mode
[  447.122852][ T9984] veth0_to_bond: entered allmulticast mode
[  447.146753][ T9984] bond1: (slave vlan2): Enslaving as an active interface with a down link
[  450.236041][   T36] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  453.046885][T10038] netlink: 52 bytes leftover after parsing attributes in process `syz.6.964'.
[  453.071537][T10040] netlink: 4 bytes leftover after parsing attributes in process `syz.3.961'.
[  453.104469][T10038] netlink: 76 bytes leftover after parsing attributes in process `syz.6.964'.
[  453.118314][T10040] batman_adv: batadv0: Removing interface: batadv_slave_0
[  453.397716][T10040] batman_adv: batadv0: Removing interface: batadv_slave_1
[  454.089778][T10038] netlink: 52 bytes leftover after parsing attributes in process `syz.6.964'.
[  458.223022][   T30] audit: type=1800 audit(2000000039.840:90): pid=10109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.981" name="file1" dev="overlay" ino=550 res=0 errno=0
[  458.333928][T10112] netlink: 'syz.5.982': attribute type 5 has an invalid length.
[  458.395638][T10115] netlink: 'syz.5.982': attribute type 5 has an invalid length.
[  458.577221][T10120] netlink: 4 bytes leftover after parsing attributes in process `syz.6.985'.
[  460.048493][T10120] batman_adv: batadv0: Removing interface: batadv_slave_0
[  460.132489][T10120] batman_adv: batadv0: Removing interface: batadv_slave_1
[  460.269288][T10120] batman_adv: batadv0: Interface deactivated: dummy0
[  460.319389][T10120] batman_adv: batadv0: Removing interface: dummy0
[  462.340361][T10157] input: syz1 as /devices/virtual/input/input12
[  466.697394][ T5137] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  466.714042][ T5137] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  466.723974][ T5137] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  466.738835][ T5137] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  466.746643][ T5137] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  467.741536][T10216] chnl_net:caif_netlink_parms(): no params data found
[  468.067752][T10240] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000
[  468.666262][T10216] bridge0: port 1(bridge_slave_0) entered blocking state
[  468.684021][T10216] bridge0: port 1(bridge_slave_0) entered disabled state
[  468.736885][T10216] bridge_slave_0: entered allmulticast mode
[  468.774848][T10216] bridge_slave_0: entered promiscuous mode
[  468.785850][ T5137] Bluetooth: hci0: command tx timeout
[  468.962067][T10216] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.073426][T10216] bridge0: port 2(bridge_slave_1) entered disabled state
[  469.098401][T10216] bridge_slave_1: entered allmulticast mode
[  469.146577][T10216] bridge_slave_1: entered promiscuous mode
[  469.443805][ T1152] bridge_slave_1: left allmulticast mode
[  469.478540][ T1152] bridge_slave_1: left promiscuous mode
[  469.502687][ T1152] bridge0: port 2(bridge_slave_1) entered disabled state
[  469.573736][ T1152] bridge_slave_0: left allmulticast mode
[  469.600067][ T1152] bridge_slave_0: left promiscuous mode
[  469.774167][T10270] netlink: 'syz.0.1024': attribute type 27 has an invalid length.
[  469.813348][ T1152] bridge0: port 1(bridge_slave_0) entered disabled state
[  469.825583][T10270] netlink: 'syz.0.1024': attribute type 4 has an invalid length.
[  469.867213][T10270] netlink: 144 bytes leftover after parsing attributes in process `syz.0.1024'.
[  470.643785][ T1152] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  470.681351][ T1152] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  470.761519][T10278] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  470.777936][T10278] Error validating options; rc = [-22]
[  470.863236][ T5137] Bluetooth: hci0: command tx timeout
[  471.463340][ T1152] bond0 (unregistering): Released all slaves
[  471.579363][T10280] netlink: 'syz.8.1025': attribute type 5 has an invalid length.
[  471.648226][T10283] netlink: 'syz.8.1025': attribute type 5 has an invalid length.
[  472.952287][ T5137] Bluetooth: hci0: command tx timeout
[  473.188981][T10216] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  473.507093][T10216] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  474.233358][T10216] team0: Port device team_slave_0 added
[  474.310177][T10216] team0: Port device team_slave_1 added
[  474.331045][T10301] loop0: detected capacity change from 0 to 512
[  474.375859][T10301] EXT4-fs (loop0): Test dummy encryption mode enabled
[  474.386384][T10301] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  474.474983][T10301] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.1031: bad orphan inode 131083
[  474.761430][ T5919] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  475.023142][ T5137] Bluetooth: hci0: command tx timeout
[  475.522890][T10301] loop0: lost filesystem error report for type 5 error -117
[  475.532803][    C0] EXT4-fs (loop0): error count since last fsck: 1
[  475.546786][    C0] EXT4-fs (loop0): initial error at time 2000000057: ext4_orphan_get:1417
[  475.555322][    C0] EXT4-fs (loop0): last error at time 2000000057: ext4_orphan_get:1417
[  475.574595][T10301] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  475.660119][ T5919] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  475.699958][ T5919] usb 9-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  475.755403][ T5919] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.808606][ T5919] usb 9-1: config 0 descriptor??
[  475.823293][ T1152] hsr_slave_0: left promiscuous mode
[  475.863193][ T1152] hsr_slave_1: left promiscuous mode
[  475.888939][ T5919] pwc: Askey VC010 type 2 USB webcam detected.
[  476.285064][ T5835] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  476.305532][ T5919] pwc: recv_control_msg error -32 req 02 val 2b00
[  476.461575][ T5919] pwc: recv_control_msg error -32 req 02 val 2700
[  476.731635][ T5919] pwc: recv_control_msg error -32 req 02 val 2c00
[  477.168118][ T5919] pwc: recv_control_msg error -32 req 04 val 1000
[  477.193842][ T5919] pwc: recv_control_msg error -32 req 04 val 1300
[  477.212867][ T5919] pwc: recv_control_msg error -32 req 04 val 1400
[  477.219949][ T5919] pwc: recv_control_msg error -32 req 02 val 2000
[  477.296720][ T5919] pwc: recv_control_msg error -32 req 02 val 2100
[  477.507887][ T5919] pwc: recv_control_msg error -71 req 02 val 2500
[  477.533452][ T5919] pwc: recv_control_msg error -71 req 02 val 2400
[  477.564072][ T5919] pwc: recv_control_msg error -71 req 02 val 2600
[  477.699306][ T5919] pwc: recv_control_msg error -71 req 02 val 2900
[  477.716274][ T5919] pwc: recv_control_msg error -71 req 02 val 2800
[  477.760428][ T5919] pwc: recv_control_msg error -71 req 04 val 1100
[  477.776639][ T5919] pwc: recv_control_msg error -71 req 04 val 1200
[  477.865883][ T5919] pwc: Registered as video103.
[  477.879236][ T5919] input: PWC snapshot button as /devices/platform/dummy_hcd.8/usb9/9-1/input/input13
[  478.007191][ T5919] usb 9-1: USB disconnect, device number 3
[  478.160695][ T1152] team0 (unregistering): Port device team_slave_1 removed
[  478.229666][T10311] udevd[10311]: setting mode of /dev/input/event4 to 020660 failed: No such file or directory
[  478.295115][T10311] udevd[10311]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  478.308616][ T1152] team0 (unregistering): Port device team_slave_0 removed
[  479.063451][T10216] batman_adv: batadv0: Adding interface: batadv_slave_0
[  479.070434][T10216] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  479.212919][T10216] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  479.295183][T10216] batman_adv: batadv0: Adding interface: batadv_slave_1
[  479.323396][T10216] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  479.376764][T10216] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  479.540198][T10216] hsr_slave_0: entered promiscuous mode
[  479.555388][T10216] hsr_slave_1: entered promiscuous mode
[  479.566345][T10216] debugfs: 'hsr0' already exists in 'hsr'
[  479.572666][T10216] Cannot create hsr debugfs directory
[  480.797108][T10374] netlink: 'syz.0.1045': attribute type 5 has an invalid length.
[  480.852369][T10376] netlink: 'syz.0.1045': attribute type 5 has an invalid length.
[  482.399342][   T76] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  483.802693][T10400] overlayfs: missing 'lowerdir'
[  486.227402][T10428] loop8: detected capacity change from 0 to 256
[  487.650475][T10439] loop0: detected capacity change from 0 to 512
[  487.743029][T10439] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  488.308808][T10439] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  488.711804][T10439] EXT4-fs (loop0): 1 truncate cleaned up
[  488.775443][T10439] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  490.989833][T10216] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  492.411722][T10216] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  492.943755][T10216] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  493.014314][T10470] netlink: 'syz.2.1070': attribute type 13 has an invalid length.
[  493.247099][T10457] net_ratelimit: 10 callbacks suppressed
[  493.247121][T10457] Set syz1 is full, maxelem 65536 reached
[  493.396802][T10216] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  493.605438][ T5835] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  498.028917][T10216] 8021q: adding VLAN 0 to HW filter on device bond0
[  499.139989][T10216] 8021q: adding VLAN 0 to HW filter on device team0
[  499.973689][ T1150] bridge0: port 1(bridge_slave_0) entered blocking state
[  499.980857][ T1150] bridge0: port 1(bridge_slave_0) entered forwarding state
[  501.104723][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  501.111991][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  501.245843][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state
[  501.253091][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state
[  501.721190][T10216] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  501.744648][T10216] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  502.616501][T10532] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1083'.
[  503.970775][T10553] ip6gre1: entered promiscuous mode
[  504.024658][T10553] ip6gre1: entered allmulticast mode
[  504.138369][T10553] netlink: 'syz.0.1089': attribute type 6 has an invalid length.
[  504.156801][T10553] netlink: 'syz.0.1089': attribute type 7 has an invalid length.
[  504.196514][ T5842] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  504.208046][ T5842] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  504.216634][ T5842] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  504.235127][ T5842] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  504.243699][ T5842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  504.273047][T10553] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1089'.
[  504.672038][T10216] 8021q: adding VLAN 0 to HW filter on device batadv0
[  506.324640][ T5842] Bluetooth: hci4: command tx timeout
[  508.383320][ T5842] Bluetooth: hci4: command tx timeout
[  509.402788][T10216] veth0_vlan: entered promiscuous mode
[  510.481022][ T5842] Bluetooth: hci4: command tx timeout
[  510.511463][T10556] chnl_net:caif_netlink_parms(): no params data found
[  510.547703][T10216] veth1_vlan: entered promiscuous mode
[  512.629306][ T5842] Bluetooth: hci4: command tx timeout
[  513.126669][T10216] veth0_macvtap: entered promiscuous mode
[  513.197024][T10216] veth1_macvtap: entered promiscuous mode
[  515.428504][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  515.863541][T10556] bridge0: port 1(bridge_slave_0) entered blocking state
[  515.877883][T10556] bridge0: port 1(bridge_slave_0) entered disabled state
[  515.925998][T10556] bridge_slave_0: entered allmulticast mode
[  516.614967][T10556] bridge_slave_0: entered promiscuous mode
[  516.685236][T10556] bridge0: port 2(bridge_slave_1) entered blocking state
[  516.962490][T10556] bridge0: port 2(bridge_slave_1) entered disabled state
[  517.854017][T10556] bridge_slave_1: entered allmulticast mode
[  517.862091][T10556] bridge_slave_1: entered promiscuous mode
[  519.064329][T10216] batman_adv: batadv0: Interface activated: batadv_slave_0
[  519.215561][T10673] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1117'.
[  519.448136][T10556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  520.360347][T10216] batman_adv: batadv0: Interface activated: batadv_slave_1
[  521.194204][T10556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  521.775305][T10556] team0: Port device team_slave_0 added
[  522.564865][T10556] team0: Port device team_slave_1 added
[  522.587447][   T82] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  522.653014][   T82] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  522.661785][   T82] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  522.711739][  T148] bridge_slave_1: left allmulticast mode
[  522.728206][  T148] bridge_slave_1: left promiscuous mode
[  522.750331][  T148] bridge0: port 2(bridge_slave_1) entered disabled state
[  522.842167][  T148] bridge_slave_0: left allmulticast mode
[  522.882844][  T148] bridge_slave_0: left promiscuous mode
[  522.888663][  T148] bridge0: port 1(bridge_slave_0) entered disabled state
[  522.952073][T10691] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1122'.
[  523.195404][  T148] bond0 (unregistering): (slave ip6gretap1): Releasing backup interface
[  524.349125][   T30] audit: type=1326 audit(2000000105.160:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10705 comm="syz.0.1127" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7634d9bf79 code=0x0
[  525.433310][T10725] xt_CT: No such helper "pptp"
[  526.641802][  T148] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  526.782284][  T148] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  526.806518][ T5137] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  526.816690][ T5137] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  526.835647][  T148] bond0 (unregistering): Released all slaves
[  526.841815][ T5137] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  526.857324][ T5137] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  526.867213][ T5137] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  526.885016][  T148] bond1 (unregistering): Released all slaves
[  527.375423][  T148] tipc: Left network mode
[  527.398738][   T82] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  527.506335][T10556] batman_adv: batadv0: Adding interface: batadv_slave_0
[  527.522940][T10556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  527.623976][T10556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  527.694088][T10556] batman_adv: batadv0: Adding interface: batadv_slave_1
[  527.708857][T10556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  528.016301][T10556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  529.035657][ T5842] Bluetooth: hci3: command tx timeout
[  530.896867][T10767] loop8: detected capacity change from 0 to 1024
[  531.082306][T10767] bridge0: the hash_elasticity option has been deprecated and is always 16
[  531.097675][T10767] bridge0: port 2(bridge_slave_1) entered disabled state
[  531.105776][T10767] bridge0: port 1(bridge_slave_0) entered disabled state
[  531.120207][ T5842] Bluetooth: hci3: command tx timeout
[  532.297290][T10556] hsr_slave_0: entered promiscuous mode
[  532.328114][T10556] hsr_slave_1: entered promiscuous mode
[  532.353691][T10556] debugfs: 'hsr0' already exists in 'hsr'
[  532.359469][T10556] Cannot create hsr debugfs directory
[  532.704160][  T148] hsr_slave_0: left promiscuous mode
[  532.725163][  T148] hsr_slave_1: left promiscuous mode
[  533.130139][T10818] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  533.244935][ T5842] Bluetooth: hci3: command tx timeout
[  535.682524][ T5842] Bluetooth: hci3: command tx timeout
[  537.105076][  T148] team0 (unregistering): Port device team_slave_1 removed
[  537.180167][  T148] team0 (unregistering): Port device team_slave_0 removed
[  538.233104][T10855] loop0: detected capacity change from 0 to 1156
[  538.276750][T10855] ISOFS: unable to read i-node block
[  538.282703][T10855] isofs_fill_super: get root inode failed
[  542.991260][T10893] loop0: detected capacity change from 0 to 40427
[  543.041953][T10893] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  543.050325][T10893] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  543.065782][T10893] F2FS-fs (loop0): invalid crc value
[  543.229411][T10893] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  543.251909][T10893] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  543.259309][T10893] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  543.743154][   T30] audit: type=1800 audit(2000000125.280:92): pid=10902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1167" name="file1" dev="loop0" ino=10 res=0 errno=0
[  544.596769][T10738] chnl_net:caif_netlink_parms(): no params data found
[  544.967907][  T148] IPVS: stop unused estimator thread 0...
[  548.076906][  T148] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  549.085666][   T13] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  549.724835][T10738] bridge0: port 1(bridge_slave_0) entered blocking state
[  549.732062][T10738] bridge0: port 1(bridge_slave_0) entered disabled state
[  549.777937][T10738] bridge_slave_0: entered allmulticast mode
[  549.795871][T10738] bridge_slave_0: entered promiscuous mode
[  549.875176][T10738] bridge0: port 2(bridge_slave_1) entered blocking state
[  549.882346][T10738] bridge0: port 2(bridge_slave_1) entered disabled state
[  549.922056][T10738] bridge_slave_1: entered allmulticast mode
[  550.122463][T10738] bridge_slave_1: entered promiscuous mode
[  551.096923][  T148] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.782865][T10963] loop8: detected capacity change from 0 to 32768
[  552.461915][T10963] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.1179 (10963)
[  552.568544][  T148] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  552.570234][T10963] BTRFS info (device loop8): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  552.589188][T10963] BTRFS info (device loop8): using blake2b checksum algorithm
[  552.656439][T10738] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  552.749414][T10738] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  552.792649][T10963] BTRFS info (device loop8): enabling ssd optimizations
[  552.799709][T10963] BTRFS info (device loop8): turning on async discard
[  552.806746][T10963] BTRFS info (device loop8): enabling free space tree
[  553.859504][  T148] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  553.934574][   T30] audit: type=1800 audit(2000000135.540:93): pid=10963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1179" name="file1" dev="loop8" ino=260 res=0 errno=0
[  554.116285][T11002] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1182'.
[  555.136172][T10738] team0: Port device team_slave_0 added
[  555.270898][T10738] team0: Port device team_slave_1 added
[  555.420335][T11010] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000
[  555.605682][T10738] batman_adv: batadv0: Adding interface: batadv_slave_0
[  555.628688][T10738] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  555.700543][T10738] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  555.715320][ T7082] BTRFS info (device loop8): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  555.786978][T10738] batman_adv: batadv0: Adding interface: batadv_slave_1
[  555.803228][T10738] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  556.066194][T10738] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  556.453595][T10738] hsr_slave_0: entered promiscuous mode
[  556.474132][T10738] hsr_slave_1: entered promiscuous mode
[  556.501729][T10738] debugfs: 'hsr0' already exists in 'hsr'
[  556.509231][T10738] Cannot create hsr debugfs directory
[  556.583640][T10556] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  556.607235][T10556] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  556.646685][T10556] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  556.754939][T10556] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  556.922131][  T148] bridge_slave_1: left allmulticast mode
[  556.934341][  T148] bridge_slave_1: left promiscuous mode
[  556.942339][  T148] bridge0: port 2(bridge_slave_1) entered disabled state
[  556.968452][  T148] bridge_slave_0: left allmulticast mode
[  556.974354][  T148] bridge_slave_0: left promiscuous mode
[  556.982049][  T148] bridge0: port 1(bridge_slave_0) entered disabled state
[  557.263960][  T148] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  557.280091][  T148] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  557.302456][  T148] bond0 (unregistering): Released all slaves
[  557.460371][  T148] hsr_slave_0: left promiscuous mode
[  557.468107][  T148] hsr_slave_1: left promiscuous mode
[  557.474529][  T148] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  557.481911][  T148] batman_adv: batadv0: Removing interface: batadv_slave_0
[  557.490550][  T148] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  557.498271][  T148] batman_adv: batadv0: Removing interface: batadv_slave_1
[  557.523588][  T148] veth1_macvtap: left promiscuous mode
[  557.529639][  T148] veth0_macvtap: left promiscuous mode
[  557.535383][  T148] veth1_vlan: left promiscuous mode
[  557.540647][  T148] veth0_vlan: left promiscuous mode
[  557.886875][  T148] team0 (unregistering): Port device team_slave_1 removed
[  557.906921][  T148] team0 (unregistering): Port device team_slave_0 removed
[  558.267289][T10556] 8021q: adding VLAN 0 to HW filter on device bond0
[  558.330075][T10556] 8021q: adding VLAN 0 to HW filter on device team0
[  558.358033][ T7303] bridge0: port 1(bridge_slave_0) entered blocking state
[  558.365227][ T7303] bridge0: port 1(bridge_slave_0) entered forwarding state
[  558.440370][ T7303] bridge0: port 2(bridge_slave_1) entered blocking state
[  558.447748][ T7303] bridge0: port 2(bridge_slave_1) entered forwarding state
[  558.730862][T10738] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  558.747986][T10738] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  558.765303][T10738] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  558.785959][T10738] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  558.993686][T10556] 8021q: adding VLAN 0 to HW filter on device batadv0
[  559.025124][T10738] 8021q: adding VLAN 0 to HW filter on device bond0
[  559.058653][T10738] 8021q: adding VLAN 0 to HW filter on device team0
[  559.097447][ T1150] bridge0: port 1(bridge_slave_0) entered blocking state
[  559.104658][ T1150] bridge0: port 1(bridge_slave_0) entered forwarding state
[  559.126757][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state
[  559.133930][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state
[  559.181662][T10738] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  559.195902][T10738] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  559.628638][T10556] veth0_vlan: entered promiscuous mode
[  559.655547][T10556] veth1_vlan: entered promiscuous mode
[  559.674537][T10738] 8021q: adding VLAN 0 to HW filter on device batadv0
[  559.733728][T10556] veth0_macvtap: entered promiscuous mode
[  559.760541][T10556] veth1_macvtap: entered promiscuous mode
[  559.802420][T10738] veth0_vlan: entered promiscuous mode
[  559.813843][T10556] batman_adv: batadv0: Interface activated: batadv_slave_0
[  559.836712][T10556] batman_adv: batadv0: Interface activated: batadv_slave_1
[  559.845265][T10738] veth1_vlan: entered promiscuous mode
[  559.869727][ T1150] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  559.879308][ T1150] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  559.897703][ T1150] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  559.907739][ T1150] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  559.972239][T10738] veth0_macvtap: entered promiscuous mode
[  560.026477][T10738] veth1_macvtap: entered promiscuous mode
[  560.057623][  T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  560.077506][  T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  560.109560][T10738] batman_adv: batadv0: Interface activated: batadv_slave_0
[  560.125794][T10824] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  560.138754][T10824] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  560.148379][T10738] batman_adv: batadv0: Interface activated: batadv_slave_1
[  560.177981][T10824] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  560.190191][T10824] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  560.211812][T10824] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  560.225562][T10824] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  561.413233][T11102] loop8: detected capacity change from 0 to 512
[  562.024092][T11102] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  562.227023][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  562.233462][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  562.292713][T11102] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  564.051836][ T7568] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  564.072082][ T7568] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  564.508574][T11104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  564.762830][T11104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  566.294241][ T7082] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.797831][T11137] loop8: detected capacity change from 0 to 256
[  568.953145][   T30] audit: type=1800 audit(2000000150.560:94): pid=11137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1191" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop8" ino=1048685 res=0 errno=0
[  575.046851][T11192] IPv6: NLM_F_CREATE should be specified when creating new route
[  575.055971][T11192] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  575.063663][T11192] IPv6: NLM_F_CREATE should be set when creating new route
[  575.634293][   T30] audit: type=1804 audit(2000000157.260:95): pid=11184 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1206" name="/newroot/6/file0" dev="tmpfs" ino=49 res=1 errno=0
[  575.674396][T11184] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -17959, delta: 1
[  575.725562][T11184] ref_ctr increment failed for inode: 0x31 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88806ce024c0
[  575.820138][T11188] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -17959, delta: -1
[  575.833517][T11188] ref_ctr decrement failed for inode: 0x31 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88806ce024c0
[  575.990479][T11188] uprobe: syz.4.1206:11188 failed to unregister, leaking uprobe
[  580.334617][   T30] audit: type=1326 audit(2000000161.960:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11238 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16a939bf79 code=0x7ffc0000
[  581.049499][   T30] audit: type=1326 audit(2000000162.030:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11238 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f16a939bf79 code=0x7ffc0000
[  581.051709][ T1150] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  581.196435][   T30] audit: type=1326 audit(2000000162.810:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11238 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16a939bf79 code=0x7ffc0000
[  582.161836][   T30] audit: type=1326 audit(2000000162.810:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11238 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16a939bf79 code=0x7ffc0000
[  582.189360][T11241] loop4: detected capacity change from 0 to 256
[  582.344529][   T30] audit: type=1326 audit(2000000162.820:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11238 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f16a939bf79 code=0x7ffc0000
[  582.484605][T11241] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  582.502878][   T30] audit: type=1326 audit(2000000162.820:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11238 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16a939bf79 code=0x7ffc0000
[  582.635631][   T30] audit: type=1326 audit(2000000162.820:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11238 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f16a939bf79 code=0x7ffc0000
[  582.812014][   T30] audit: type=1326 audit(2000000162.820:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11238 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16a939bf79 code=0x7ffc0000
[  582.865735][   T30] audit: type=1326 audit(2000000162.850:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11238 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f16a939bf79 code=0x7ffc0000
[  582.893688][   T30] audit: type=1326 audit(2000000162.850:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11238 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16a939bf79 code=0x7ffc0000
[  583.828458][   T30] audit: type=1326 audit(2000000163.040:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11238 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f16a939bf79 code=0x7ffc0000
[  586.552817][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  586.552844][   T30] audit: type=1326 audit(2000000168.160:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11290 comm="syz.5.1231" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f94acf9bf79 code=0x0
[  587.169844][T11309] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1235'.
[  588.822348][T11325] Bluetooth: MGMT ver 1.23
[  590.080322][T11332] netlink: 'syz.5.1240': attribute type 1 has an invalid length.
[  591.252735][ T5137] Bluetooth: hci2: command 0x0406 tx timeout
[  591.258877][ T5842] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  591.417975][T11332] 8021q: adding VLAN 0 to HW filter on device bond3
[  592.485000][T11338] bond3: (slave geneve2): making interface the new active one
[  592.499460][T11338] bond3: (slave geneve2): Enslaving as an active interface with an up link
[  595.078604][T11380] fuse: Bad value for 'fd'
[  595.375963][T11383] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  598.750253][T11419] netlink: 'syz.8.1261': attribute type 1 has an invalid length.
[  598.877910][T11419] 8021q: adding VLAN 0 to HW filter on device bond2
[  599.022220][T11428] bond2: (slave geneve2): making interface the new active one
[  599.065352][T11428] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  602.875346][T11459] syz_tun: entered allmulticast mode
[  602.906374][T11459] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1270'.
[  604.486835][T11478] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1278'.
[  605.509544][T11459] syz_tun (unregistering): left allmulticast mode
[  606.598471][T11499] netlink: 'syz.4.1281': attribute type 1 has an invalid length.
[  606.779659][T11499] 8021q: adding VLAN 0 to HW filter on device bond1
[  607.394732][T11503] bond1: (slave geneve2): making interface the new active one
[  607.417340][T11503] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  609.151009][T11517] netlink: 'syz.0.1286': attribute type 1 has an invalid length.
[  609.289832][T11517] 8021q: adding VLAN 0 to HW filter on device bond1
[  609.402436][T11522] ip6erspan0: entered promiscuous mode
[  609.500467][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880554f2400: rx timeout, send abort
[  609.548495][T11522] bond1: (slave ip6erspan0): making interface the new active one
[  609.606002][T11522] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  610.002244][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880554f1400: rx timeout, send abort
[  610.010663][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880554f2400: abort rx timeout. Force session deactivation
[  610.510623][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880554f1400: abort rx timeout. Force session deactivation
[  615.297829][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  615.475102][T11579] netlink: 'syz.1.1300': attribute type 1 has an invalid length.
[  615.704159][T11579] 8021q: adding VLAN 0 to HW filter on device bond1
[  615.805974][T11581] bond1: (slave geneve2): making interface the new active one
[  615.869917][T11581] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  618.477270][T11602] orangefs_mount: mount request failed with -4
[  621.184262][T11631] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1311'.
[  621.568467][T11641] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1313'.
[  622.848954][T11661] ip6t_REJECT: ECHOREPLY is not supported
[  623.756059][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  623.771301][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  624.661891][T11682] Dead loop on virtual device ip6_vti0, fix it urgently!
[  624.681572][T11682] Dead loop on virtual device ip6_vti0, fix it urgently!
[  624.768538][T11686] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1324'.
[  625.579005][T11682] Dead loop on virtual device ip6_vti0, fix it urgently!
[  625.621422][T11682] Dead loop on virtual device ip6_vti0, fix it urgently!
[  625.653317][T11682] Dead loop on virtual device ip6_vti0, fix it urgently!
[  625.680900][T11682] Dead loop on virtual device ip6_vti0, fix it urgently!
[  625.712479][T11682] Dead loop on virtual device ip6_vti0, fix it urgently!
[  625.792880][    T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  625.972908][    T9] usb 1-1: Using ep0 maxpacket: 8
[  625.998330][    T9] usb 1-1: config 0 has an invalid descriptor of length 54, skipping remainder of the config
[  626.023220][    T9] usb 1-1: config 0 interface 0 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  626.055667][    T9] usb 1-1: config 0 interface 0 has no altsetting 0
[  626.081129][    T9] usb 1-1: New USB device found, idVendor=056a, idProduct=0336, bcdDevice= 0.00
[  626.104186][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  626.144875][    T9] usb 1-1: config 0 descriptor??
[  626.582951][    T9] usb 1-1: string descriptor 0 read error: -71
[  626.601300][    T9] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  626.656233][    T9] usb 1-1: USB disconnect, device number 3
[  626.756126][T11705] loop8: detected capacity change from 0 to 128
[  629.341158][T11727] xt_socket: unknown flags 0x50
[  630.379079][T11733] openvswitch: netlink: IPv4 tunnel dst address is zero
[  630.873045][ T5137] Bluetooth: hci4: command 0x0406 tx timeout
[  633.206521][ T5137] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  633.234502][ T5137] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  633.246340][ T5137] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  633.323903][ T5137] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  633.561155][ T5137] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  635.462334][T11759] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1342'.
[  635.665996][ T5137] Bluetooth: hci0: command tx timeout
[  637.852917][ T5137] Bluetooth: hci0: command tx timeout
[  639.917429][ T5137] Bluetooth: hci0: command tx timeout
[  640.744708][T11087] kernel write not supported for file bpf-prog (pid: 11087 comm: kworker/0:1)
[  640.906252][T11800] netlink: 'syz.1.1350': attribute type 1 has an invalid length.
[  642.052165][ T5137] Bluetooth: hci0: command tx timeout
[  644.146090][T11744] chnl_net:caif_netlink_parms(): no params data found
[  646.909335][T11744] bridge0: port 1(bridge_slave_0) entered blocking state
[  647.703577][T11862] orangefs_mount: mount request failed with -4
[  647.819777][T11744] bridge0: port 1(bridge_slave_0) entered disabled state
[  647.827194][T11744] bridge_slave_0: entered allmulticast mode
[  647.859445][T11744] bridge_slave_0: entered promiscuous mode
[  647.912224][T11744] bridge0: port 2(bridge_slave_1) entered blocking state
[  647.946613][T11744] bridge0: port 2(bridge_slave_1) entered disabled state
[  647.969764][T11744] bridge_slave_1: entered allmulticast mode
[  648.071667][T11744] bridge_slave_1: entered promiscuous mode
[  649.491059][T11744] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  650.244952][T10825] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  650.259906][T11744] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  650.458761][T11744] team0: Port device team_slave_0 added
[  650.486642][T11744] team0: Port device team_slave_1 added
[  651.657844][T11744] batman_adv: batadv0: Adding interface: batadv_slave_0
[  651.682937][T11744] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  651.702854][ T5842] Bluetooth: hci3: command 0x0406 tx timeout
[  652.103386][T11744] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  652.142343][T11744] batman_adv: batadv0: Adding interface: batadv_slave_1
[  652.160285][T11744] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  652.243609][T11744] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  652.633838][T11906] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  652.641115][T11906] IPv6: NLM_F_CREATE should be set when creating new route
[  655.487883][T11932] netlink: 'syz.5.1381': attribute type 1 has an invalid length.
[  656.263464][ T5137] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  656.272685][ T5137] Bluetooth: hci4: Injecting HCI hardware error event
[  656.284697][ T5842] Bluetooth: hci4: hardware error 0x00
[  657.091777][T11910] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  657.137478][   T30] audit: type=1326 audit(2000000238.760:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11952 comm="syz.0.1386" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7634d9bf79 code=0x0
[  657.138717][T11910] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  658.713202][ T5842] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  661.050028][T11984] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1393'.
[  661.203172][T11981] syz_tun: entered allmulticast mode
[  661.235522][ T1152] netdevsim netdevsim8 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  661.265674][ T1152] netdevsim netdevsim8 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  662.289480][T11744] hsr_slave_0: entered promiscuous mode
[  662.296388][T11744] hsr_slave_1: entered promiscuous mode
[  662.342096][T11744] debugfs: 'hsr0' already exists in 'hsr'
[  662.351894][T11744] Cannot create hsr debugfs directory
[  662.875860][T11984] syz_tun (unregistering): left allmulticast mode
[  663.250858][T12001] random: crng reseeded on system resumption
[  663.973315][ T1152] netdevsim netdevsim8 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  664.024287][T10825] netdevsim netdevsim8 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  664.172226][   T29] IPVS: starting estimator thread 0...
[  664.315144][T12008] IPVS: using max 25 ests per chain, 60000 per kthread
[  668.970433][T12044] orangefs_mount: mount request failed with -4
[  675.195690][T12105] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1420'.
[  675.239119][T12105] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1420'.
[  675.292857][T12105] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1420'.
[  675.327113][T12105] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1420'.
[  683.875981][   T82] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  685.283878][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  685.290212][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  686.068568][T12186] netlink: 'syz.5.1440': attribute type 4 has an invalid length.
[  691.103016][ T5137] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  691.121067][ T5137] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  691.133541][ T5137] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  691.154202][ T5137] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  691.172058][ T5137] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  693.650553][ T5842] Bluetooth: hci7: command tx timeout
[  695.683033][ T5842] Bluetooth: hci7: command tx timeout
[  696.616683][   T30] audit: type=1326 audit(2000000278.230:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12273 comm="syz.5.1458" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f94acf9bf79 code=0x0
[  697.752253][ T5842] Bluetooth: hci7: command tx timeout
[  698.159331][ T1096] bridge_slave_1: left allmulticast mode
[  698.169651][ T1096] bridge_slave_1: left promiscuous mode
[  698.196241][ T1096] bridge0: port 2(bridge_slave_1) entered disabled state
[  699.789776][ T1096] bridge_slave_0: left allmulticast mode
[  699.813747][ T1096] bridge_slave_0: left promiscuous mode
[  700.722326][ T5842] Bluetooth: hci7: command tx timeout
[  700.774587][ T1096] bridge0: port 1(bridge_slave_0) entered disabled state
[  703.195641][ T1096] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  703.465499][ T1096] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  705.421206][ T1096] bond0 (unregistering): Released all slaves
[  709.345666][T12402] fuse: Bad value for 'fd'
[  709.457414][ T1096] hsr_slave_0: left promiscuous mode
[  709.715555][ T1096] hsr_slave_1: left promiscuous mode
[  709.724895][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_0
[  710.581135][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_1
[  712.873717][T12436] xt_CT: You must specify a L4 protocol and not use inversions on it
[  713.547767][T12438] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1494'.
[  713.575785][ T5842] Bluetooth: hci3: unexpected event for opcode 0x0803
[  713.725751][ T1096] team0 (unregistering): Port device team_slave_1 removed
[  714.734183][ T1096] team0 (unregistering): Port device team_slave_0 removed
[  716.290543][T12435] veth0: entered promiscuous mode
[  716.609553][   T82] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  716.630121][T12435] veth0: left promiscuous mode
[  717.583917][ T5842] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  717.592599][ T5842] Bluetooth: hci3: Injecting HCI hardware error event
[  717.603124][ T5137] Bluetooth: hci3: hardware error 0x00
[  717.701307][T12223] chnl_net:caif_netlink_parms(): no params data found
[  720.023854][ T5137] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  722.365729][T12223] bridge0: port 1(bridge_slave_0) entered blocking state
[  722.372988][T12223] bridge0: port 1(bridge_slave_0) entered disabled state
[  722.380337][T12223] bridge_slave_0: entered allmulticast mode
[  723.033612][T12515] fuse: Bad value for 'fd'
[  723.043109][T12223] bridge_slave_0: entered promiscuous mode
[  723.307370][T12223] bridge0: port 2(bridge_slave_1) entered blocking state
[  723.473618][T12223] bridge0: port 2(bridge_slave_1) entered disabled state
[  723.640830][T12223] bridge_slave_1: entered allmulticast mode
[  723.971838][T12223] bridge_slave_1: entered promiscuous mode
[  724.334674][T12525] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1516'.
[  725.180438][T12223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  725.194811][T12223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  727.534495][T12223] team0: Port device team_slave_0 added
[  727.821481][T12223] team0: Port device team_slave_1 added
[  730.737783][T12223] batman_adv: batadv0: Adding interface: batadv_slave_0
[  730.832998][T12223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  730.934027][T12223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  730.983568][T12223] batman_adv: batadv0: Adding interface: batadv_slave_1
[  730.990547][T12223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  731.099454][T12223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  732.882146][T12223] hsr_slave_0: entered promiscuous mode
[  733.132428][T12223] hsr_slave_1: entered promiscuous mode
[  733.143346][T12223] debugfs: 'hsr0' already exists in 'hsr'
[  733.924970][T12223] Cannot create hsr debugfs directory
[  736.037346][T12598] loop0: detected capacity change from 0 to 512
[  736.156865][T12598] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  738.252535][T12621] netlink: 'syz.8.1540': attribute type 4 has an invalid length.
[  740.453342][   T12] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  741.042488][T12647] xt_CT: You must specify a L4 protocol and not use inversions on it
[  744.453742][T12223] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  744.521342][T12223] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  744.640023][T12223] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  746.004714][T12223] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  746.739606][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  746.751421][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  747.050550][T12703] loop0: detected capacity change from 0 to 1024
[  747.828823][T12708] netlink: 'syz.5.1559': attribute type 4 has an invalid length.
[  747.853999][T12703] hfsplus: Unknown parameter 'asymmetPic@�u��й�d��Y��dI$(�S�BߙJ�&#mа4m�se�vS�:"-����X�F6�4�f��aLt@%a�'
[  747.963672][T12697] loop0: detected capacity change from 0 to 2048
[  748.155114][T12697] nilfs2: Unknown parameter './file1'
[  748.945371][   T82] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  751.722216][T12737] loop8: detected capacity change from 0 to 164
[  751.740036][T12737] iso9660: Unknown parameter 'ioc��10�>Xdtharset'
[  752.075066][ T5842] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  752.109334][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  752.123914][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  752.176047][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  752.185997][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  753.165802][T12223] kthread_run failed with err -4
[  753.473552][T12767] fuse: Bad value for 'fd'
[  754.488318][ T5137] Bluetooth: hci0: command tx timeout
[  756.543800][ T5137] Bluetooth: hci0: command tx timeout
[  757.069233][T12801] xt_CT: You must specify a L4 protocol and not use inversions on it
[  759.483214][ T5137] Bluetooth: hci0: command tx timeout
[  759.795506][T12750] chnl_net:caif_netlink_parms(): no params data found
[  761.502867][ T5137] Bluetooth: hci0: command tx timeout
[  761.932364][ T1150] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  763.273688][ T1150] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  763.346393][T12750] bridge0: port 1(bridge_slave_0) entered blocking state
[  763.416191][T12750] bridge0: port 1(bridge_slave_0) entered disabled state
[  763.446551][T12750] bridge_slave_0: entered allmulticast mode
[  763.499193][T12750] bridge_slave_0: entered promiscuous mode
[  763.894756][ T1150] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  764.199471][T12870] xt_CT: You must specify a L4 protocol and not use inversions on it
[  764.970390][T12750] bridge0: port 2(bridge_slave_1) entered blocking state
[  764.987832][T12750] bridge0: port 2(bridge_slave_1) entered disabled state
[  765.023129][T12750] bridge_slave_1: entered allmulticast mode
[  765.065654][T12750] bridge_slave_1: entered promiscuous mode
[  765.475456][ T1150] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  765.551148][T12750] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  765.601095][T12750] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  765.689219][T12750] team0: Port device team_slave_0 added
[  765.705018][T12750] team0: Port device team_slave_1 added
[  766.041736][T12750] batman_adv: batadv0: Adding interface: batadv_slave_0
[  766.048773][T12750] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  766.077333][T12750] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  767.721765][T12750] batman_adv: batadv0: Adding interface: batadv_slave_1
[  767.775979][T12750] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  768.302967][T12750] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  769.573089][T12936] loop8: detected capacity change from 0 to 512
[  769.690278][T12936] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  769.801451][T12936] EXT4-fs error (device loop8): xattr_find_entry:337: inode #15: comm syz.8.1610: corrupted xattr entries
[  769.813507][T12936] loop8: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  769.821553][T12936] EXT4-fs (loop8): 1 orphan inode deleted
[  769.831183][    C0] EXT4-fs (loop8): error count since last fsck: 1
[  769.831218][    C0] EXT4-fs (loop8): initial error at time 2000000021: xattr_find_entry:337: inode 15
[  769.831275][    C0] EXT4-fs (loop8): last error at time 2000000021: xattr_find_entry:337: inode 15
[  769.882907][T12936] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  770.059089][T12750] hsr_slave_0: entered promiscuous mode
[  770.101011][T12750] hsr_slave_1: entered promiscuous mode
[  770.174640][T12750] debugfs: 'hsr0' already exists in 'hsr'
[  770.180413][T12750] Cannot create hsr debugfs directory
[  770.267257][ T7082] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  770.563995][T12949] loop8: detected capacity change from 0 to 512
[  770.637273][T12949] EXT4-fs (loop8): Test dummy encryption mode enabled
[  770.692447][T12949] EXT4-fs (loop8): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  770.847618][T12949] EXT4-fs error (device loop8): htree_dirblock_to_tree:1051: inode #2: comm syz.8.1614: Directory hole found for htree leaf block 0
[  770.873914][T12949] EXT4-fs (loop8): Remounting filesystem read-only
[  771.092818][T12959] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1616'.
[  771.741888][ T7082] EXT4-fs (loop8): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  772.665331][ T1150] bond0 (unregistering): Released all slaves
[  772.730409][ T1150] bond1 (unregistering): Released all slaves
[  773.859101][ T1150] tipc: Disabling bearer <udp:syz2>
[  773.915891][ T1150] tipc: Left network mode
[  775.470925][T13014] loop0: detected capacity change from 0 to 256
[  776.742833][T13014] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  777.279607][T13035] loop8: detected capacity change from 0 to 512
[  778.786918][T13014] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010364, chksum : 0x44009a1b, utbl_chksum : 0xe619d30d)
[  779.210171][T13050] loop0: detected capacity change from 0 to 1024
[  779.217840][T13050] EXT4-fs: Ignoring removed bh option
[  779.275444][T13050] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  782.226714][ T5835] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  782.636915][T13064] tipc: Started in network mode
[  782.641777][T13064] tipc: Node identity 4, cluster identity 4711
[  782.649814][   T13] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  782.684870][T13064] tipc: Node number set to 4
[  784.606717][T13088] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1643'.
[  789.804381][ T1150] hsr_slave_0: left promiscuous mode
[  789.824762][ T1150] hsr_slave_1: left promiscuous mode
[  789.848792][ T1150] batman_adv: batadv0: Interface deactivated: dummy0
[  789.862225][ T1150] batman_adv: batadv0: Removing interface: dummy0
[  789.886621][ T1150] veth1_macvtap: left promiscuous mode
[  789.904761][ T1150] veth0_macvtap: left allmulticast mode
[  789.910469][ T1150] veth0_macvtap: left promiscuous mode
[  789.921374][ T1150] veth1_vlan: left promiscuous mode
[  789.929900][ T1150] veth0_vlan: left promiscuous mode
[  791.040541][   T30] audit: type=1800 audit(2000000042.870:137): pid=13138 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1656" name="bus" dev="tmpfs" ino=1792 res=0 errno=0
[  795.535155][T13159] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1661'.
[  802.842091][T12750] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  803.482938][T13210] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1672'.
[  805.973747][T13207] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1674'.
[  806.059083][T12750] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  807.326685][T12750] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  808.294348][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  808.303308][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  808.950591][T13226] fuse: Bad value for 'fd'
[  809.345476][T12750] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  812.084227][ T1150] bridge_slave_1: left allmulticast mode
[  812.089928][ T1150] bridge_slave_1: left promiscuous mode
[  812.177236][ T1150] bridge0: port 2(bridge_slave_1) entered disabled state
[  812.445014][ T1150] bridge_slave_0: left allmulticast mode
[  812.450714][ T1150] bridge_slave_0: left promiscuous mode
[  813.471056][ T1150] bridge0: port 1(bridge_slave_0) entered disabled state
[  813.807688][ T1096] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  818.271065][ T5842] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  818.282200][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  818.295123][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  818.309531][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  818.319525][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  820.183673][ T1150] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  820.402912][ T5842] Bluetooth: hci1: command tx timeout
[  820.441053][ T1150] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  820.765135][ T1150] bond0 (unregistering): Released all slaves
[  823.573059][ T5842] Bluetooth: hci1: command tx timeout
[  823.744761][ T1150] hsr_slave_0: left promiscuous mode
[  824.990971][ T1150] hsr_slave_1: left promiscuous mode
[  825.024787][ T1150] batman_adv: batadv0: Removing interface: batadv_slave_0
[  825.129884][T13334] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1703'.
[  825.163749][ T1150] batman_adv: batadv0: Removing interface: batadv_slave_1
[  826.384358][ T5842] Bluetooth: hci1: command tx timeout
[  828.602522][ T5842] Bluetooth: hci1: command tx timeout
[  832.343378][ T1150] team0 (unregistering): Port device team_slave_1 removed
[  832.634081][ T1150] team0 (unregistering): Port device team_slave_0 removed
[  841.864455][T13300] chnl_net:caif_netlink_parms(): no params data found
[  841.903569][T13436] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  841.915848][T13436] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  841.987623][T13436] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  842.004518][T13436] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  842.025016][T13436] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  844.618345][ T5842] Bluetooth: hci0: command tx timeout
[  847.370387][ T5842] Bluetooth: hci0: command tx timeout
[  847.697657][T13300] bridge0: port 1(bridge_slave_0) entered blocking state
[  847.705388][T13300] bridge0: port 1(bridge_slave_0) entered disabled state
[  847.712661][T13300] bridge_slave_0: entered allmulticast mode
[  847.721113][T13300] bridge_slave_0: entered promiscuous mode
[  847.739141][T10393] IPVS: starting estimator thread 0...
[  847.799873][T13300] bridge0: port 2(bridge_slave_1) entered blocking state
[  847.837596][T13300] bridge0: port 2(bridge_slave_1) entered disabled state
[  847.873368][T13300] bridge_slave_1: entered allmulticast mode
[  847.892941][T13470] IPVS: using max 23 ests per chain, 55200 per kthread
[  847.924663][T13300] bridge_slave_1: entered promiscuous mode
[  849.028785][   T82] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  849.423446][ T5842] Bluetooth: hci0: command tx timeout
[  851.547422][T13436] Bluetooth: hci0: command tx timeout
[  853.140669][T13300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  853.166784][T13300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  855.948225][T13300] team0: Port device team_slave_0 added
[  856.762073][T13300] team0: Port device team_slave_1 added
[  857.387317][T13300] batman_adv: batadv0: Adding interface: batadv_slave_0
[  857.413820][T13300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  857.521117][T13300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  857.572594][T13300] batman_adv: batadv0: Adding interface: batadv_slave_1
[  857.597794][T13300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  857.810428][T13300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  863.067341][T13300] hsr_slave_0: entered promiscuous mode
[  863.075521][T13300] hsr_slave_1: entered promiscuous mode
[  863.664840][T13596] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1760'.
[  866.969915][T13435] chnl_net:caif_netlink_parms(): no params data found
[  867.129930][ T1150] bridge_slave_1: left allmulticast mode
[  867.136552][ T1150] bridge_slave_1: left promiscuous mode
[  867.142323][ T1150] bridge0: port 2(bridge_slave_1) entered disabled state
[  867.162695][ T1150] bridge_slave_0: left allmulticast mode
[  867.181613][ T1150] bridge_slave_0: left promiscuous mode
[  867.203156][ T1150] bridge0: port 1(bridge_slave_0) entered disabled state
[  867.298540][T13623] netlink: 14 bytes leftover after parsing attributes in process `syz.8.1765'.
[  868.311564][ T1150] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  868.332699][ T1150] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  868.366273][ T1150] bond0 (unregistering): Released all slaves
[  868.740854][ T1150] hsr_slave_0: left promiscuous mode
[  868.749564][ T1150] hsr_slave_1: left promiscuous mode
[  868.804610][ T1150] batman_adv: batadv0: Removing interface: batadv_slave_0
[  869.719217][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  869.727276][ T1150] batman_adv: batadv0: Removing interface: batadv_slave_1
[  869.742871][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  870.737421][T13664] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1774'.
[  871.403951][ T1150] team0 (unregistering): Port device team_slave_1 removed
[  871.447877][ T1150] team0 (unregistering): Port device team_slave_0 removed
[  872.489876][T13681] batadv_slave_1: entered promiscuous mode
[  873.270289][T13435] bridge0: port 1(bridge_slave_0) entered blocking state
[  873.286478][T13435] bridge0: port 1(bridge_slave_0) entered disabled state
[  873.294032][T13435] bridge_slave_0: entered allmulticast mode
[  873.319870][T13435] bridge_slave_0: entered promiscuous mode
[  873.345179][T13435] bridge0: port 2(bridge_slave_1) entered blocking state
[  873.360534][T13435] bridge0: port 2(bridge_slave_1) entered disabled state
[  873.368974][T13435] bridge_slave_1: entered allmulticast mode
[  873.386059][T13435] bridge_slave_1: entered promiscuous mode
[  873.395230][T13676] batadv_slave_1: left promiscuous mode
[  873.612290][T13435] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  873.641291][T13435] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  879.477472][T13713] netlink: 124 bytes leftover after parsing attributes in process `syz.5.1786'.
[  879.488369][T13713] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1786'.
[  880.206926][T13436] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  880.241459][T13436] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  880.258907][T13436] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  880.273251][T13436] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  880.291407][T13436] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  880.398132][T13435] team0: Port device team_slave_0 added
[  880.655611][T13435] team0: Port device team_slave_1 added
[  880.751157][T13727] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1787'.
[  881.711177][T13723] syzkaller0: entered promiscuous mode
[  881.759355][T13723] syzkaller0: entered allmulticast mode
[  881.847611][T13435] batman_adv: batadv0: Adding interface: batadv_slave_0
[  881.865850][T13435] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  881.922055][T13435] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  881.976076][T13733] netlink: 277 bytes leftover after parsing attributes in process `syz.1.1789'.
[  882.472935][ T5842] Bluetooth: hci5: command tx timeout
[  882.824716][ T1150] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  882.949952][T13435] batman_adv: batadv0: Adding interface: batadv_slave_1
[  882.962838][T13435] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  883.034895][T13435] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  884.566988][ T5842] Bluetooth: hci5: command tx timeout
[  886.627248][ T5842] Bluetooth: hci5: command tx timeout
[  888.371099][   T76] bridge_slave_1: left allmulticast mode
[  888.395914][   T76] bridge_slave_1: left promiscuous mode
[  888.585831][   T76] bridge0: port 2(bridge_slave_1) entered disabled state
[  888.720957][ T5842] Bluetooth: hci5: command tx timeout
[  889.368163][T13790] netlink: 20 bytes leftover after parsing attributes in process `syz.8.1799'.
[  890.242394][   T76] bridge_slave_0: left allmulticast mode
[  890.322920][   T76] bridge_slave_0: left promiscuous mode
[  890.328724][   T76] bridge0: port 1(bridge_slave_0) entered disabled state
[  890.423016][T13795] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1801'.
[  893.484703][   T76] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  893.537051][   T76] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  894.586005][   T76] bond0 (unregistering): Released all slaves
[  894.619444][T13435] hsr_slave_0: entered promiscuous mode
[  894.628719][T13435] hsr_slave_1: entered promiscuous mode
[  895.552954][T13435] debugfs: 'hsr0' already exists in 'hsr'
[  895.641150][T13435] Cannot create hsr debugfs directory
[  898.034054][   T76] hsr_slave_0: left promiscuous mode
[  898.294006][   T76] hsr_slave_1: left promiscuous mode
[  898.300689][   T76] batman_adv: batadv0: Removing interface: batadv_slave_0
[  898.323291][ T5842] Bluetooth: hci6: Malformed MSFT vendor event: 0x02
[  898.359872][   T76] batman_adv: batadv0: Removing interface: batadv_slave_1
[  903.693684][T13436] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  903.717728][T13436] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  903.736389][T13436] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  903.748796][T13436] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  903.758570][T13436] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  904.976696][   T76] team0 (unregistering): Port device team_slave_1 removed
[  905.073073][   T76] team0 (unregistering): Port device team_slave_0 removed
[  906.226611][T13436] Bluetooth: hci1: command tx timeout
[  906.432209][T13914] netlink: 14 bytes leftover after parsing attributes in process `syz.5.1827'.
[  906.703900][T13435] net veth1_virt_wifi: can't register_netdevice: -12
[  908.386752][T13436] Bluetooth: hci1: command tx timeout
[  909.757269][T13714] chnl_net:caif_netlink_parms(): no params data found
[  910.616224][T13436] Bluetooth: hci1: command tx timeout
[  912.870556][T13891] chnl_net:caif_netlink_parms(): no params data found
[  912.943038][T13436] Bluetooth: hci1: command tx timeout
[  914.629776][T13714] bridge0: port 1(bridge_slave_0) entered blocking state
[  914.662702][T13714] bridge0: port 1(bridge_slave_0) entered disabled state
[  914.689775][T13714] bridge_slave_0: entered allmulticast mode
[  914.709773][T13714] bridge_slave_0: entered promiscuous mode
[  914.784327][T13984] loop8: detected capacity change from 0 to 1024
[  914.816135][T13984] EXT4-fs: Ignoring removed nomblk_io_submit option
[  914.851683][ T1096] bridge_slave_1: left allmulticast mode
[  914.896967][ T1096] bridge_slave_1: left promiscuous mode
[  914.928854][ T1096] bridge0: port 2(bridge_slave_1) entered disabled state
[  914.959748][T13984] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  914.982831][ T1096] bridge_slave_0: left allmulticast mode
[  914.996352][ T1096] bridge_slave_0: left promiscuous mode
[  916.192277][   T76] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  916.219790][ T1096] bridge0: port 1(bridge_slave_0) entered disabled state
[  916.234866][   T30] audit: type=1800 audit(2000000168.060:138): pid=13984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1840" name="file1" dev="loop8" ino=15 res=0 errno=0
[  917.616673][ T7082] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  917.660958][ T1096] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  917.676690][ T1096] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  917.691852][ T1096] bond0 (unregistering): Released all slaves
[  917.709958][T13714] bridge0: port 2(bridge_slave_1) entered blocking state
[  917.725735][T13714] bridge0: port 2(bridge_slave_1) entered disabled state
[  917.735016][T13714] bridge_slave_1: entered allmulticast mode
[  917.756254][T13714] bridge_slave_1: entered promiscuous mode
[  917.836299][ T1096] hsr_slave_0: left promiscuous mode
[  917.845252][ T1096] hsr_slave_1: left promiscuous mode
[  917.851334][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_0
[  917.859975][ T1096] batman_adv: batadv0: Removing interface: batadv_slave_1
[  917.959072][ T1096] team0 (unregistering): Port device team_slave_1 removed
[  917.984932][ T1096] team0 (unregistering): Port device team_slave_0 removed
[  918.194164][T13714] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  918.236528][T13714] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  918.328723][T13891] bridge0: port 1(bridge_slave_0) entered blocking state
[  918.355249][T13891] bridge0: port 1(bridge_slave_0) entered disabled state
[  918.362541][T13891] bridge_slave_0: entered allmulticast mode
[  918.380026][T13891] bridge_slave_0: entered promiscuous mode
[  918.391170][T13714] team0: Port device team_slave_0 added
[  918.411834][T13891] bridge0: port 2(bridge_slave_1) entered blocking state
[  918.431450][T13891] bridge0: port 2(bridge_slave_1) entered disabled state
[  918.448329][T13891] bridge_slave_1: entered allmulticast mode
[  918.459776][T13891] bridge_slave_1: entered promiscuous mode
[  918.473545][T13714] team0: Port device team_slave_1 added
[  918.559768][T13891] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  918.572263][T13714] batman_adv: batadv0: Adding interface: batadv_slave_0
[  918.592973][T13714] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  918.629030][T13714] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  918.651846][T13891] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  918.679778][T13714] batman_adv: batadv0: Adding interface: batadv_slave_1
[  918.687327][T13714] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  918.713804][T13714] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  918.784227][T13891] team0: Port device team_slave_0 added
[  918.815919][T13891] team0: Port device team_slave_1 added
[  918.893174][T13714] hsr_slave_0: entered promiscuous mode
[  918.900319][T13714] hsr_slave_1: entered promiscuous mode
[  918.913827][T13891] batman_adv: batadv0: Adding interface: batadv_slave_0
[  918.920779][T13891] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  918.950863][T13891] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  918.969668][T13891] batman_adv: batadv0: Adding interface: batadv_slave_1
[  918.978300][T13891] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  919.005083][T13891] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  919.132634][T13891] hsr_slave_0: entered promiscuous mode
[  919.139824][T13891] hsr_slave_1: entered promiscuous mode
[  919.146753][T13891] debugfs: 'hsr0' already exists in 'hsr'
[  919.152495][T13891] Cannot create hsr debugfs directory
[  919.564672][T13714] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  919.585799][T13714] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  919.667911][T13714] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  919.680626][T13714] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  920.030997][T13714] 8021q: adding VLAN 0 to HW filter on device bond0
[  920.055369][T13714] 8021q: adding VLAN 0 to HW filter on device team0
[  920.070091][ T7414] bridge0: port 1(bridge_slave_0) entered blocking state
[  920.077326][ T7414] bridge0: port 1(bridge_slave_0) entered forwarding state
[  920.138411][ T1150] bridge0: port 2(bridge_slave_1) entered blocking state
[  920.145614][ T1150] bridge0: port 2(bridge_slave_1) entered forwarding state
[  920.336890][T13891] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  920.349364][T13891] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  920.374533][T13891] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  920.389382][T13891] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  920.540401][T13891] 8021q: adding VLAN 0 to HW filter on device bond0
[  920.605599][T13891] 8021q: adding VLAN 0 to HW filter on device team0
[  920.659754][ T7303] bridge0: port 1(bridge_slave_0) entered blocking state
[  920.666959][ T7303] bridge0: port 1(bridge_slave_0) entered forwarding state
[  920.696616][ T7303] bridge0: port 2(bridge_slave_1) entered blocking state
[  920.703815][ T7303] bridge0: port 2(bridge_slave_1) entered forwarding state
[  920.882335][T13714] 8021q: adding VLAN 0 to HW filter on device batadv0
[  921.151998][T13891] 8021q: adding VLAN 0 to HW filter on device batadv0
[  921.496951][T13714] veth0_vlan: entered promiscuous mode
[  921.536383][T13714] veth1_vlan: entered promiscuous mode
[  921.644074][T13714] veth0_macvtap: entered promiscuous mode
[  921.668957][T13714] veth1_macvtap: entered promiscuous mode
[  921.720985][T13891] veth0_vlan: entered promiscuous mode
[  921.742246][T13714] batman_adv: batadv0: Interface activated: batadv_slave_0
[  921.761594][T13891] veth1_vlan: entered promiscuous mode
[  921.789451][T13714] batman_adv: batadv0: Interface activated: batadv_slave_1
[  921.820443][   T76] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  921.832214][   T76] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  921.846370][   T76] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  921.861580][   T76] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  921.986156][T13891] veth0_macvtap: entered promiscuous mode
[  922.046537][T13891] veth1_macvtap: entered promiscuous mode
[  922.058037][   T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  922.082529][   T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  922.126309][T13891] batman_adv: batadv0: Interface activated: batadv_slave_0
[  922.172764][T13891] batman_adv: batadv0: Interface activated: batadv_slave_1
[  922.197464][   T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  922.210140][ T7303] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  922.228986][   T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  922.236873][ T7303] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  922.254253][ T7303] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  922.264479][ T7303] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  925.047579][ T7303] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  925.065707][ T7303] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  925.168104][ T7303] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  925.189355][ T7303] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  929.918083][T14159] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1842'.
[  930.954087][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  930.960891][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  933.981541][T14177] netlink: 277 bytes leftover after parsing attributes in process `syz.5.1852'.
[  939.549442][T14216] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1868'.
[  941.878484][T14244] netlink: 20 bytes leftover after parsing attributes in process `syz.9.1871'.
[  948.547356][T10824] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  957.185467][T14336] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1891'.
[  957.613431][T14333] dvmrp1: entered allmulticast mode
[  957.705541][T14336] ------------[ cut here ]------------
[  957.711703][T14336] !rwb
[  957.711720][T14336] WARNING: block/blk-wbt.c:784 at wbt_init_enable_default+0xcb/0x120, CPU#1: syz.7.1891/14336
[  957.725244][T14336] Modules linked in:
[  957.729634][T14336] CPU: 1 UID: 0 PID: 14336 Comm: syz.7.1891 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  957.741169][T14336] Tainted: [L]=SOFTLOCKUP
[  957.747012][T14336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  957.757479][T14336] RIP: 0010:wbt_init_enable_default+0xcb/0x120
[  957.763707][T14336] Code: df e8 59 7b a9 06 4c 89 e7 e8 e1 38 00 00 48 89 df e8 a9 04 a9 06 e8 14 5e 23 fd 5b 5d 41 5c e9 76 27 2b fc e8 06 5e 23 fd 90 <0f> 0b 90 eb 81 e8 fb 5d 23 fd 90 0f 0b 90 48 b8 00 00 00 00 00 fc
[  957.784040][T14336] RSP: 0018:ffffc90004b471a0 EFLAGS: 00010283
[  957.790121][T14336] RAX: 0000000000019931 RBX: ffff88802b415000 RCX: ffffc90024e05000
[  957.798448][T14336] RDX: 0000000000080000 RSI: ffffffff84e5199a RDI: ffffffff8c1adba0
[  957.806473][T14336] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  957.814771][T14336] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88802b54d5c8
[  957.822753][T14336] R13: ffff88802b415390 R14: ffff88802b54d5d8 R15: ffff88802b415090
[  957.830863][T14336] FS:  00007f06594266c0(0000) GS:ffff888124453000(0000) knlGS:0000000000000000
[  957.840588][T14336] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  957.847615][T14336] CR2: 00007f16aa14da08 CR3: 000000005f476000 CR4: 0000000000350ef0
[  957.855679][T14336] Call Trace:
[  957.858958][T14336]  <TASK>
[  957.861889][T14336]  blk_register_queue+0x39e/0x4e0
[  957.867084][T14336]  __add_disk+0x73f/0xe40
[  957.871452][T14336]  add_disk_fwnode+0x118/0x5c0
[  957.876330][T14336]  nbd_dev_add+0x77a/0xb10
[  957.881140][T14336]  ? find_held_lock+0x2b/0x80
[  957.886226][T14336]  ? __pfx_nbd_dev_add+0x10/0x10
[  957.891200][T14336]  ? nbd_genl_connect+0x131a/0x1a40
[  957.896548][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  957.902191][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  957.908099][T14336]  ? __radix_tree_lookup+0x217/0x2b0
[  957.913796][T14336]  nbd_genl_connect+0xb8d/0x1a40
[  957.918741][T14336]  ? rcu_is_watching+0x12/0xc0
[  957.923556][T14336]  ? __pfx_nbd_genl_connect+0x10/0x10
[  957.928932][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  957.934631][T14336]  ? __nla_parse+0x40/0x60
[  957.939450][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  957.945437][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  957.951129][T14336]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290
[  957.958191][T14336]  genl_family_rcv_msg_doit+0x214/0x300
[  957.963870][T14336]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  957.969990][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  957.975782][T14336]  ? genl_get_cmd+0x3ef/0x720
[  957.980988][T14336]  ? __dev_queue_xmit+0x7fd/0x4750
[  957.986508][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  957.992172][T14336]  ? __radix_tree_lookup+0x217/0x2b0
[  957.997522][T14336]  genl_rcv_msg+0x560/0x800
[  958.002074][T14336]  ? __pfx_genl_rcv_msg+0x10/0x10
[  958.007200][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.012934][T14336]  ? __pfx_nbd_genl_connect+0x10/0x10
[  958.018634][T14336]  netlink_rcv_skb+0x159/0x420
[  958.023463][T14336]  ? __pfx_genl_rcv_msg+0x10/0x10
[  958.028537][T14336]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  958.033862][T14336]  ? rcu_is_watching+0x12/0xc0
[  958.038727][T14336]  ? __rcu_read_unlock+0x26a/0x5e0
[  958.044251][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.049900][T14336]  ? rcu_is_watching+0x12/0xc0
[  958.055129][T14336]  genl_rcv+0x28/0x40
[  958.059130][T14336]  netlink_unicast+0x5aa/0x870
[  958.064071][T14336]  ? __pfx_netlink_unicast+0x10/0x10
[  958.069387][T14336]  netlink_sendmsg+0x8b0/0xda0
[  958.074203][T14336]  ? __pfx_netlink_sendmsg+0x10/0x10
[  958.079528][T14336]  ? __might_fault+0xa0/0x140
[  958.084653][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.090302][T14336]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  958.096264][T14336]  ____sys_sendmsg+0xa54/0xc30
[  958.101057][T14336]  ? __pfx_____sys_sendmsg+0x10/0x10
[  958.106436][T14336]  ? __pfx_futex_wake_mark+0x10/0x10
[  958.111754][T14336]  ___sys_sendmsg+0x190/0x1e0
[  958.116542][T14336]  ? __pfx____sys_sendmsg+0x10/0x10
[  958.122047][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.127765][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.133517][T14336]  __sys_sendmsg+0x170/0x220
[  958.138136][T14336]  ? __pfx___sys_sendmsg+0x10/0x10
[  958.143910][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.149576][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.155584][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.161252][T14336]  do_syscall_64+0x106/0xf80
[  958.165949][T14336]  ? irqentry_exit+0x138/0x670
[  958.170730][T14336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  958.176667][T14336] RIP: 0033:0x7f065859bf79
[  958.181080][T14336] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  958.201149][T14336] RSP: 002b:00007f0659426028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  958.209869][T14336] RAX: ffffffffffffffda RBX: 00007f0658816090 RCX: 00007f065859bf79
[  958.218233][T14336] RDX: 0000000000000004 RSI: 0000200000000240 RDI: 0000000000000007
[  958.226967][T14336] RBP: 00007f06586327e0 R08: 0000000000000000 R09: 0000000000000000
[  958.235111][T14336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  958.243121][T14336] R13: 00007f0658816128 R14: 00007f0658816090 R15: 00007fff44112278
[  958.251563][T14336]  </TASK>
[  958.254889][T14336] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  958.262174][T14336] CPU: 1 UID: 0 PID: 14336 Comm: syz.7.1891 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  958.273111][T14336] Tainted: [L]=SOFTLOCKUP
[  958.277425][T14336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  958.287513][T14336] Call Trace:
[  958.290824][T14336]  <TASK>
[  958.293748][T14336]  dump_stack_lvl+0x100/0x190
[  958.298443][T14336]  vpanic+0x552/0x970
[  958.302425][T14336]  ? __pfx_vpanic+0x10/0x10
[  958.306940][T14336]  panic+0xd1/0xe0
[  958.310664][T14336]  ? __pfx_panic+0x10/0x10
[  958.315099][T14336]  check_panic_on_warn.cold+0x19/0x34
[  958.320578][T14336]  ? wbt_init_enable_default+0xcb/0x120
[  958.326156][T14336]  __warn.cold+0x191/0x348
[  958.330594][T14336]  __report_bug+0x296/0x3d0
[  958.335105][T14336]  ? wbt_init_enable_default+0xcb/0x120
[  958.340667][T14336]  ? __pfx___report_bug+0x10/0x10
[  958.345722][T14336]  ? wbt_init_enable_default+0xcb/0x120
[  958.351277][T14336]  report_bug+0xb2/0x220
[  958.355536][T14336]  ? wbt_init_enable_default+0xcb/0x120
[  958.361096][T14336]  handle_bug+0x166/0x2a0
[  958.365444][T14336]  exc_invalid_op+0x17/0x50
[  958.369962][T14336]  asm_exc_invalid_op+0x1a/0x20
[  958.374812][T14336] RIP: 0010:wbt_init_enable_default+0xcb/0x120
[  958.380976][T14336] Code: df e8 59 7b a9 06 4c 89 e7 e8 e1 38 00 00 48 89 df e8 a9 04 a9 06 e8 14 5e 23 fd 5b 5d 41 5c e9 76 27 2b fc e8 06 5e 23 fd 90 <0f> 0b 90 eb 81 e8 fb 5d 23 fd 90 0f 0b 90 48 b8 00 00 00 00 00 fc
[  958.400591][T14336] RSP: 0018:ffffc90004b471a0 EFLAGS: 00010283
[  958.406663][T14336] RAX: 0000000000019931 RBX: ffff88802b415000 RCX: ffffc90024e05000
[  958.414655][T14336] RDX: 0000000000080000 RSI: ffffffff84e5199a RDI: ffffffff8c1adba0
[  958.422627][T14336] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  958.430588][T14336] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88802b54d5c8
[  958.438552][T14336] R13: ffff88802b415390 R14: ffff88802b54d5d8 R15: ffff88802b415090
[  958.446534][T14336]  ? wbt_init_enable_default+0xca/0x120
[  958.452101][T14336]  blk_register_queue+0x39e/0x4e0
[  958.457135][T14336]  __add_disk+0x73f/0xe40
[  958.461467][T14336]  add_disk_fwnode+0x118/0x5c0
[  958.466230][T14336]  nbd_dev_add+0x77a/0xb10
[  958.470646][T14336]  ? find_held_lock+0x2b/0x80
[  958.475324][T14336]  ? __pfx_nbd_dev_add+0x10/0x10
[  958.480250][T14336]  ? nbd_genl_connect+0x131a/0x1a40
[  958.485471][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.491105][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.496741][T14336]  ? __radix_tree_lookup+0x217/0x2b0
[  958.502039][T14336]  nbd_genl_connect+0xb8d/0x1a40
[  958.506975][T14336]  ? rcu_is_watching+0x12/0xc0
[  958.511746][T14336]  ? __pfx_nbd_genl_connect+0x10/0x10
[  958.517121][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.523027][T14336]  ? __nla_parse+0x40/0x60
[  958.527470][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.533106][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.538744][T14336]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290
[  958.545708][T14336]  genl_family_rcv_msg_doit+0x214/0x300
[  958.551285][T14336]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  958.557373][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.563014][T14336]  ? genl_get_cmd+0x3ef/0x720
[  958.567832][T14336]  ? __dev_queue_xmit+0x7fd/0x4750
[  958.572959][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.578605][T14336]  ? __radix_tree_lookup+0x217/0x2b0
[  958.583900][T14336]  genl_rcv_msg+0x560/0x800
[  958.588430][T14336]  ? __pfx_genl_rcv_msg+0x10/0x10
[  958.593468][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.599114][T14336]  ? __pfx_nbd_genl_connect+0x10/0x10
[  958.604505][T14336]  netlink_rcv_skb+0x159/0x420
[  958.609284][T14336]  ? __pfx_genl_rcv_msg+0x10/0x10
[  958.614324][T14336]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  958.619616][T14336]  ? rcu_is_watching+0x12/0xc0
[  958.624388][T14336]  ? __rcu_read_unlock+0x26a/0x5e0
[  958.629507][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.635139][T14336]  ? rcu_is_watching+0x12/0xc0
[  958.639994][T14336]  genl_rcv+0x28/0x40
[  958.643986][T14336]  netlink_unicast+0x5aa/0x870
[  958.648767][T14336]  ? __pfx_netlink_unicast+0x10/0x10
[  958.654077][T14336]  netlink_sendmsg+0x8b0/0xda0
[  958.658860][T14336]  ? __pfx_netlink_sendmsg+0x10/0x10
[  958.664154][T14336]  ? __might_fault+0xa0/0x140
[  958.668856][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.674501][T14336]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  958.680162][T14336]  ____sys_sendmsg+0xa54/0xc30
[  958.684964][T14336]  ? __pfx_____sys_sendmsg+0x10/0x10
[  958.690370][T14336]  ? __pfx_futex_wake_mark+0x10/0x10
[  958.695669][T14336]  ___sys_sendmsg+0x190/0x1e0
[  958.700379][T14336]  ? __pfx____sys_sendmsg+0x10/0x10
[  958.705602][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.711261][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.716944][T14336]  __sys_sendmsg+0x170/0x220
[  958.721551][T14336]  ? __pfx___sys_sendmsg+0x10/0x10
[  958.726679][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.732325][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.737977][T14336]  ? srso_alias_return_thunk+0x5/0xfbef5
[  958.743631][T14336]  do_syscall_64+0x106/0xf80
[  958.748239][T14336]  ? irqentry_exit+0x138/0x670
[  958.753032][T14336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  958.758931][T14336] RIP: 0033:0x7f065859bf79
[  958.763431][T14336] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  958.783044][T14336] RSP: 002b:00007f0659426028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  958.791463][T14336] RAX: ffffffffffffffda RBX: 00007f0658816090 RCX: 00007f065859bf79
[  958.799434][T14336] RDX: 0000000000000004 RSI: 0000200000000240 RDI: 0000000000000007
[  958.807507][T14336] RBP: 00007f06586327e0 R08: 0000000000000000 R09: 0000000000000000
[  958.815476][T14336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  958.823551][T14336] R13: 00007f0658816128 R14: 00007f0658816090 R15: 00007fff44112278
[  958.831569][T14336]  </TASK>
[  958.834917][T14336] Kernel Offset: disabled
[  958.839236][T14336] Rebooting in 86400 seconds..