last executing test programs:

10.970372266s ago: executing program 1 (id=1617):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000180), 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd2, &(0x7f0000000040)={@broadcast, @multicast1, 0x1, "0d5011f02b7fab96e0aa834d3a9e7cfc12178ac0ab1e6227c2b6ddaa5effda90", 0x5, 0x16, 0xfffffffe, 0x1}, 0x3c)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r6, 0x0, 0xd2, &(0x7f0000000000)={@broadcast, @multicast1, 0x0, "12ceaac82ab7d944e84b6fbd6178697e3b10c9b81bede26c85ee73daab4158e8", 0x2, 0x6, 0x4, 0x4}, 0x3c)
setsockopt$MRT_FLUSH(r6, 0x0, 0xd4, &(0x7f0000000100)=0xe, 0x4)

10.970110336s ago: executing program 2 (id=1618):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
select(0x0, 0x0, 0x0, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r1 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@broadcast, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x4}, {0x0, 0x4, 0x0, 0xa78a}, 0xfffffffe, 0x0, 0x1}, {{@in=@private, 0x0, 0x33}, 0x0, @in=@rand_addr=0x64010101, 0x0, 0x3, 0x1, 0x7}}, 0xe8)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000540)={0x2, 0x6, 0x2, 0x0, 0x2, 0x0, 0x2}, 0x10}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x9c66edc32267ac72)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x2a)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2000844, &(0x7f00000006c0)={[{@fat=@time_offset={'time_offset', 0x3d, 0x4f7}}, {@fat=@uid}, {@nodots}, {@dots}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x74}}, {@fat=@discard}, {}, {@dots}, {@nodots}, {@fat=@fmask={'fmask', 0x3d, 0x1fe}}, {@fat=@nfs_stale_rw}, {@fat=@nfs_stale_rw}, {@dots}, {@fat=@sys_immutable}, {@fat=@tz_utc}, {@fat=@nocase}]}, 0x21, 0x23d, &(0x7f0000000a40)="$eJzs3cFqE0EcBvB/27Td9mLP4mHBi6eivkGQCOKCENmDnlyoXloR0svqKY/hM/hIPkZPva3YXZq6UQ+yySbu7wdhP/IxMHPJ5DCTvHvw8fzs0+WH6vvXSJI0RhHzuI44id3Yi9pO89y9yQdx1zwAgG0znRbjvudAh3aW3jmKiGI/Ig6XqvzbmmYFAAAAAAAAAABAx5z/B4Dhcf7//zebjYvj5vvbr5z/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPpzXVX3qr+8+p4fANA9+z8ADI/9HwCGx/4PAMPz+s3bl+Msm0zTNIm4mpd5mdfPun/+Ips8Tm+cLEZdlWW+3+Rs8qTu03Z/3Ix/+tv+IB49rPuf3bNXWas/jLNVLx4AAAAAAAAAAAAAAAAAAAA2xGl6q3W/f6/uT//U1+nO7wO07u+P4v5obcsAAAAAAAAAAAAAAAAAAACArXb5+ct5cXHxfiYIt+Eo/mFUEpsxeaGT0PcnEwAAAAAAAAAAAAAAAAAADM/i0m/fMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/iz+/391oe81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMPwIwAA//++jJCI")
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)

10.924627758s ago: executing program 3 (id=1619):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000040), 0x10)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, 0x0)
io_submit(0x0, 0x1, &(0x7f00000012c0)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000200)="0500000093cb1faf16da39de706f646800580f02000000003f420f00", 0x1c}])
connect$unix(r0, &(0x7f00000002c0)=@file={0x0, './bus\x00'}, 0x6e)
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000100)='./bus\x00', 0x18418, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="9c8a4f967ca55468510ec76d6db61f", @ANYRES32=0x0, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRESHEX=0x0, @ANYRESOCT=0x0, @ANYRESOCT], 0xfe, 0x4b5, &(0x7f0000000680)="$eJzs20tsVFUcx/Hff+50mA4Vy8MChkATTawg0AcWSE0MDxtNeGihGomPVDrFSh+kU5QSEJbqzgVLl25duDJuDYlL48JgDAsTZONmVuIOc+7c1wylMyPTGUq/HwLn3jP/O5xz/nPnnDOZEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkA6/dqi3z1rdCgAA0EwnTo30DjD/AwCwqpxm/w8AALCamDz9IdPu80U77p+XZI9Nzly8NHp0ePHL2k2mlDw/3v3N9vUP7Ht5cP+BsFz6+kbbqpOnTh/qPjI7fWEuXyjkx7tHZybPzo7na36GR72+0k5/ALqnz18cn5godPfvGSh7+FLn3TVruzqHBt8/kgljR48OD59KxKTb/vf//oCHrfAz8vSiTJ/88J2dkJTSo49FldfOcmv3O7HT78To0WG/I1OTYzPz7kFLBVGp8jHJhGPUhFw8kpTk2mWZxuzZ2uTpR5kO7y3aSUleOA67/A+Ga2pPK6Td1lVSj1ZAzh5ja+TpQ5lu7u3Um8G4+vnPSFda3Tgsu3Rw/89a0d7y3w/c/eTeNo+93f3GzMRsItZSwR210ueHZnrM35uy8nTSv+OLNqIdrW4OmqxdnqZlynz9qb+ukL8ufXpo//YdB5MrjM1VnsfF7glurlrm5LZg6WAp96fx/UJtsubpL5nu/Z71z3vCOUC6fn+pC/9sSvOw3MzTlEz/Xi2aVexLvcT+PrLS5/7lbX979sjshYW5yXMfzy/6eC576KPC/NzY2cUfLu1dvWRNtX1spVR9W7KclXZ8X3xWjK4L9gBPlc7i1nx7JX4t9FSUoeTrp5bjmnexdayjXJvMPN2RaeKDLaV5Rrm6x2Y1cPkflqlQ/MXCTAf5T5fOEvl/JR6/rJWXET+360qfa4Vria1nNj2sfjny79rk8v+uTIf/2RJ8plHKv1cR6+K6ZHrvxrYgLpVxcemwO6VnnJicyve62Psybfg5jJUfmwtiN8axfS62INOXN8tj1waxm+LYfhd7S6bbvy0e+0wcO+BiF1y+bneHsTkXuz2I7Ypj95ydnRqvNqwu//0yvXPtdQv7/ND8J+7/6xVl5IGcL33cqPx3JuquB3k9E+Q/XSX/X8m08Pe2sN/+2Icvq/X+v3H+3Vr5+xvlseGGckMc21drt1rN5X+9THdfvRX1OehbcBpnKJn/Z9PlZTSuLcr/+kRdZ9CuTJ1jsRoVFi6fH5uays9xwAEHHEQHrX5nQjO4+X/EzeqDnoXrmGD+7yidxSume5/H8/9QRRlp0fy/IVE3FKxa2tJSdn76QttmKVtYuLx7cnrsXP5cfmZg32Bv/8F9vQMH2jLh4i4+qnnsngQu/7tkuvrTr9E+pnz9t/j6P1dRRlqU/43JPpWta2oeilXJ5b9DpsE7t6L95lLr/3D/3/NceRndfy3K/6ZEXWfQro46xwIAAAAAAAAAAAAAAAAAVpKceXpepksjL1n4G6K0tE5Vvv83XlFGGv/9r9IPk6t8/6srUTfewN812BIxdQ00AAAAAAAAAABAk6Tk6RuZXlDRrrmKDul4ssQT7b8AAAD//44dR5s=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x101042, 0x0)
pwrite64(r3, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
write$UHID_INPUT(r3, 0x0, 0x0)

9.94294325s ago: executing program 1 (id=1621):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x18)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet(r5, &(0x7f0000000d00)=[{{&(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10, 0x0}}, {{&(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000700)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xfffffffb}}], 0x18}}], 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)

9.782621497s ago: executing program 0 (id=1622):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x1b, &(0x7f0000000880)=ANY=[@ANYBLOB="85100000fdffffff182a0000", @ANYRES16, @ANYRES32, @ANYBLOB="0000000000000000b703"], &(0x7f0000000300)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0xa, 0x1, 0x7c5e}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000640)=[{0x4, 0x5, 0xa, 0xb}, {0x2, 0x5, 0x6, 0x7}, {0x5, 0x4, 0xc}], 0x10, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xffffffff}, 0x10, 0x0, r0}, 0x94)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
write(0xffffffffffffffff, &(0x7f00000000c0)=')', 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010076"], 0xfd12}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r4 = accept4(r3, 0x0, 0x0, 0x80800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

9.692595521s ago: executing program 2 (id=1623):
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="040282f4322acb7101aaaaaa1e3f66602e39800fdd840bbec951b29064"], 0x12)
fallocate(0xffffffffffffffff, 0x10, 0x0, 0xbc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000001c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, 0x0)
close_range(r1, r1, 0x0)
clock_adjtime(0x0, &(0x7f0000000380)={0x3ff, 0x3, 0x4100, 0xd, 0x0, 0x3, 0x400000000, 0x800000000006, 0x0, 0x100, 0x3, 0x0, 0x7, 0x0, 0x9f, 0x2, 0x0, 0x0, 0x300000000000, 0x9, 0x8001, 0x3, 0x0, 0x3, 0x0, 0xe})
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000240)={0x20, 0x30, 0xf0, 0x640, 0x0, 0x1f, 0x32, 0x0, {0xfffffffe}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x200}, {}, 0x0, 0x40, 0x0, 0x6, 0x0, 0x5, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
iopl(0x5)
r2 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x14)

9.48200552s ago: executing program 0 (id=1624):
syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000880)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x9}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1f, 0xc, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x7e}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x101}}]}, &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xebfb}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r4, 0xe0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001400), ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x62, 0x8, 0x0, 0x0}}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00'}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010100000000000000000a0000000900010073797a300000000048000000030a010200000000000000000a0000000900010073797a30000000000900030073797a3100000000080007006e617400140004800800014000000004080002"], 0x190}}, 0x0)

9.48160845s ago: executing program 2 (id=1625):
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r3 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
write(r3, &(0x7f0000000040)="0600", 0x2)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000180)=ANY=[], 0xe)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r3, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f000002eff0)={0x135, &(0x7f0000000000)=[{}]}, 0x10)

7.019362277s ago: executing program 1 (id=1626):
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="040282f4322acb7101aaaaaa1e3f66602e39800fdd840bbec951b29064"], 0x12)
fallocate(0xffffffffffffffff, 0x10, 0x0, 0xbc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000001c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, 0x0)
close_range(r1, r1, 0x0)
clock_adjtime(0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000240)={0x20, 0x30, 0xf0, 0x640, 0x0, 0x1f, 0x32, 0x0, {0xfffffffe}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x200}, {}, 0x0, 0x40, 0x0, 0x6, 0x0, 0x5, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
iopl(0x5)
r2 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x14)

6.496830349s ago: executing program 2 (id=1627):
syz_open_dev$dri(0x0, 0xd21, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000440)=ANY=[], 0x9)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
syz_clone(0x23845480, 0x0, 0x0, 0x0, 0x0, 0x0)

5.936269973s ago: executing program 0 (id=1628):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x0, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x1d}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000280)='./file1/file0\x00', r3, &(0x7f0000000380)='./file1\x00')
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000200)=ANY=[], 0x1, 0x0, 0x0)
unlink(&(0x7f0000000440)='./file1\x00')
linkat(r3, &(0x7f0000001180)='./file1\x00', r3, &(0x7f00000002c0)='./file0\x00', 0x0)
link(&(0x7f0000000140)='./file0\x00', 0x0)

5.723307302s ago: executing program 1 (id=1629):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0xa, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_clone3(0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x40020480)
add_key(&(0x7f00000006c0)='asymmetric\x00', 0x0, &(0x7f0000000800)='0', 0x1, 0xffffffffffffffff)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
listen(r3, 0x86a)

5.664931435s ago: executing program 3 (id=1630):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x18)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet(r5, &(0x7f0000000d00)=[{{&(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10, 0x0}}, {{&(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000700)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xfffffffb}}], 0x18}}], 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x20, 0x4001c00)

4.706178197s ago: executing program 0 (id=1631):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000000180), 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd2, &(0x7f0000000040)={@broadcast, @multicast1, 0x1, "0d5011f02b7fab96e0aa834d3a9e7cfc12178ac0ab1e6227c2b6ddaa5effda90", 0x5, 0x16, 0xfffffffe, 0x1}, 0x3c)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r6, 0x0, 0xd2, &(0x7f0000000000)={@broadcast, @multicast1, 0x0, "12ceaac82ab7d944e84b6fbd6178697e3b10c9b81bede26c85ee73daab4158e8", 0x2, 0x6, 0x4, 0x4}, 0x3c)
setsockopt$MRT_FLUSH(r6, 0x0, 0xd4, &(0x7f0000000100)=0xe, 0x4)

4.528784264s ago: executing program 3 (id=1632):
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x1b, &(0x7f0000000880)=ANY=[@ANYBLOB="85100000fdffffff182a0000", @ANYRES16, @ANYRES32, @ANYBLOB="0000000000000000b703"], &(0x7f0000000300)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0xa, 0x1, 0x7c5e}, 0x10, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000640)=[{0x4, 0x5, 0xa, 0xb}, {0x2, 0x5, 0x6, 0x7}, {0x5, 0x4, 0xc}], 0x10, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0xffffffff}, 0x10, 0x0, r0}, 0x94)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
write(0xffffffffffffffff, &(0x7f00000000c0)=')', 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010076"], 0xfd12}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r4 = accept4(r3, 0x0, 0x0, 0x80800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

3.629971033s ago: executing program 3 (id=1633):
r0 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$AUDIT_LIST_RULES(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f8, 0x1, 0x70bd28, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='source', &(0x7f0000002280)='//\xf2b\x06\b\xba\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b/\\\\\x00\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x97\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8DD\x9bp\x01\xcc:\xa6\xc5n\x9f\xfb\x81 \x10\x0fQ\x90}Zd\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3V\x9c\x8c\xf8\xf7\xe2\xd5\x8bE\xee5\x00\xaa\xd5\xfc\x1b$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\xec\xac\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xec\x9es\xee\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o\x00\x00\x00\x00\x00\x00\x00\x00_\tN\xfd\xa2\xc2SPu\xe7\xc0+SL\xa1', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000090000000000000040000000850000002c000000850000000800000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r5, 0x40044160, 0x3)
r6 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
recvmmsg(r6, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}, 0xc8}], 0x1, 0x140, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000080)='//\xf2b\x06\b\xba\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b/\\\\\x00\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x97\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8DD\x9bp\x01\xcc:\xa6\xc5n\x9f\xfb\x81 \x10\x0fQ\x90}Zd\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3V\x9c\x8c\xf8\xf7\xe2\xd5\x8bE\xee5\x00\xaa\xd5\xfc\x1b$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\xec\xac\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xec\x9es\xee\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o\x00\x00\x00\x00\x00\x00\x00\x00_\tN\xfd\xa2\xc2SPu\xe7\xc0+SL\xa1', &(0x7f00000002c0)="a9296c2ebdb28ab1e7dc07889aaa9b6536015c307b94be2c9175f86a2e91d38f4c4bd045ac1d3838b434b7f592beb21db2421c8305cb209b75b21a4aefccf7d0afef840a2ec68bb8b7bc5c68d0dcb76945e8f9f7690b2e1d82b3828c1d3cdd3367eaaee50b9abde4fa4b0f770277e6462e7b3618cd99de972b380d0174b2a22505a11bdeae72d0045d31a3db2e677c327fd9d4e31e007f0e946055088cbeea094e996c9bd9991248d994f83c7e3cb4ef8e535d9466c3503a5c560798a4f67235031426ecce122db1f4c3b4a00525e2c250f4a2a8fb0f439dec2c307c3ec5211e5c1bc4293fdea013b48eb5a8c7942893452bdce5ac9660755638e3f49670f9a17ecce332361dec8cd24613c7471293149ac88aa728d19eb66b18b0d2c2ae1a3fe9ddcf53e96ad8a64f9936cd336c7798327686bc3d59f89d925de547965fd3df3d011b1b7e6edca8fbfb3e86a678ed29166b2bb464e638d04d5aa82d696431a53d9e7bc07f2a3edf3841d9c411758cb05302277abac44f797cb389d4bfa904b92972c32af94bf5dc28ab3d6d49855af2f65ec9581e310918a222e3384e80eaca1e5f4f89fb95f854be4a1a812f53c557546b686f8c3c8b16ee4666690d11711f2f2cb625be06aed69b2c332209a7327b82a5393f8493843c54743bc5465608bcf365dd66928b27159da7f5b0245f7ab402bd181362ec64ded3ac38cdf79ee2b787c45f8c8849e85d7d9c3c134055824b06e8e67a0c49edc317c87bfd918c08cc943e6e8a0fc364b883628d8feae3ea74d678cda60129a57def9b739dc19eef730d9cb62cb6581ba9be1dc7e3a5a9412c5551c9b9651449c34c4aec8c876d299653829ae967ee981fac55e343d804ca68a699cef7543e57d05431ac0755e505d8fb2348d498f2fc04ae34a91c9271c6b7fc46f5c9f519e76b8e42f52c3941560ae17a68f71fa9e9c0d4ff8bb41506e92fb21857b9952ab37b0741d637be0c862c420350730a49208562febe68e1f4579f9a654484be9d9ed90ea82ea8d5abcd371d9e83e7b15497e16df74f6a2cc2898796c848fb671199bb75f3af816f0e69c84d6e58f2ac75353e72cce9b609ac8e710be458c550d98345b48435e009b28b85602cd4b58c3afbe186cb688123744e58c037e6699a526150e5b3dfcc540b0146909ba20c85a13c5a0ca4443a31ea32349eea8262c317cd71e1a1125d549f4ac0f83884ffd651a11c0a5f11349f1a82c35fde2ac2ba06a403385c28a6f1f344b44675edb8612ce4a66a8afedf73cd7d374f82e0852d90908e61937b3f7c655104b917627437d2c1e367cdc99ca5276b6c760d2fccde5779371b7d2cf41947ab27ce2ed8d6e3d309ecbde106e8ad4abcd92f697e0b385ac39d39ebd27e11e5ad81125e8f3ed0b479c7844c16782d2f9ec396e6f6a219ba6d3a0451309deb168ca7e7e5514491606658058f74ded43466be34b6dee42e388b2384d836f6c77acbbd9ec20a17ccffaf1f72e7a73e883c2e0d2b996c594811764f56c290afd72b3042bd9e9e79f4c267fff7da64032ccfbf0403a9ae05f9ea7f100744713cd914a2b9f9fe770babab744a0d1eb552b3d6ea51a8deb29048c414b8e4855da2c0a7e61602cd683a861ebe2866c5ec1289dc681b2c131ceee106a9d442de27c07d63408ad405af97dd48394eab297621e9bd91a75582d1c78881950d2d535a5009cebdbeef10f696bb7676268cffc005f9e3b052c19c252c153aa45d1d69e95bcdb223b8fd773d16fe345e72d1e30865f0d89daac807288557b720080a7a7850ba843a803dffde154b037b4139900546a3d4463fbf3e9ee66e44dc6d99dcc633eb5b61a8c1842ae82e4fbeee21434118ea1f1a6622e346c9b56bd8bdc8a08f7cea55744babaf811eaee0f3e447a52cbd7160b2c70a069a068b8e7dddf3a75cd31295970d735c9b5b7a2e28f1ddf0fa7be96785ad9e51c4c8e52ff028cf43febe053f5c4a7d7c933fcb44a59a844d0680170fffa74ee837038ce86ea4db4592411d8b22f8b6cf20a18f1e61b678861959aaaf98df75576872aeaab91bf0bd87cbc0337d89e0d981a818299d9f6d3e87f96a8b911d9d19d2b09d5f7aae83b5a5b2f83e97f6c8ae558659f9e00ee81c485d294ae9723bdefc6aa68ec2bf054d2384cb41dc56c22a7c5f57189a87d6d3171e7725f0b08d6ccbbd6cc53a97bf66841e8d4ffb146d971581ba7730994f9fc5747da835901240906242f2ecf7daf4c253fe98a12dc5b221167e2e325d0ade18bdac88180b32a2519ad81b1bf735774317d4fe0899ac5b4a2b66f1e6836c688631087853cbc45141ca930652adca14e6c2f6b424236fa86990c7944e6310778187fa334d87e4e9d6dc514193fb5c14fcdeab4751bd45ed622bc5f4e8667f4049be10dd8f25a165d4198c0e2f68faeac3f26d4d6991deec62141d22f5c739a5103aa1aa842568926aca6c2de18225cae148a051a293ea055359ce5c87e0746fc72f8e6059c40ae49c368d03cd23ec0fdcc6c06ad5be78ea75d9b2e0dd6ee87c6e0c425ce932d893f104e1ed26c7da302420ec35e4dfc083038734e3ebc7977f6c7e023ea1bcb193c42abc5ed54e0238fb9226a06033074f568e97a164bddbe259b22b9b426a35ed3778cd9e373cd8822fd241e709560a11b89c9d545d55873bbde7ec1a3dc7d84b42b970425f8060339b728c69211550ee3a6f1952f473f00b2dd1e2111b4706b5721efb9f5216039ff46bdd6f7ff936650784bd4426daa189d26d3f5e0f5cc4dff3edba43d1db0edb135b53a8eb03823dc04e48b4000d58f466ac59f3fa07e3a2b447430e4ac50a3864157afef402a2fcd2360e11c866cf2c4af857a0f8f17c2109e0413d00632607b0e5bab15910932a862c55efb946aa0569877658494a15e15c23846cfbce2c6f472e40bfe6c90c593b0a2d7f8c9306622a8fac7e5281f99333a0e6ae916f7c3c3265bc99356a6b06191d249d6cbd6a4a9525dd10139b1104bafd1d5a606a0bfe6724f408f10494b14d8f9168250d10efa1a6f8329796c3d6ce2462d8ec1cbc0c5a4b37e82faa5fedcdfc31a0dbae1f25a7181ac2fa3355e1517d62064ace67b35e2b69833ee0f927ccf04d2efd5cf51c5da0f4f67ab19c87ffe09fd93b5b51e4a1a66c47f7bbb80f0a59dea0c73e43950c1bd4a773b054c30754549a62ca213fb65c617d1769b04c327bdc92725a3c8cc05f49c785d8ec78d82378a10d257acc0af540a95e3ddedf4dcfd529a47fa36fc5c1c34ad7fa756744123a8457b3306df7d7d4dfea283777f57a457a3335733caae9d8c5e54f5c7724a7380f01b15de8abcae04f123d874ded02fd6e8f05de446bc1c6165d3f4e073da721f1c058cd4711558fb2ce8c8686dd6cddfbc849e6790ba981dd3aca9786b52e7cb730003e340f8ddcdc11581ac75d02074ea0839c288a5c89d9a4e13d2318895a06efdee61bb8ceb97af60282ac6fe81ec7c425b1c1658ac7abee73ce31a0998e846ad5df24ee9f88fd4c84c254249d35fc2ec3970fcc8ec1a90fd007fac87a9c3d202772de079985f5bcc49f8f3321a6490d52d64f10996e7cc51d1f226b2e1b2ea975fa30f89dcec9c1bc3df4fd96679e7cafaf4c3949544f06231dd1cc0713a705b25bb7cb1969af4d593735b68cc73b91b0a8961a51cacfe7cdcaebbf3989903f3e6ed85225e7cdc7884b2ead32b90075d1dda8e0026bd8408e5f912d2f40fdd2b50d8f2a26721f26f06ad5339297da386a5e36cf87aed9fde36de3aa62d9d9c9f4b92da74b6968a64724d391e3ad094a366368c3bc0c2e5e0aec4e6844b199bd1dc0ce8e46f5be4310e857413c27c6c35a297b4095decd1607063caa8d427f31cf2318e55993b9af82241bc03102b4927ac480cbe7d21f94105a917986762119ebcff15a0376f1546ebdd4f6f91b78ec404d19f7215c7f2812a5f00d9527f0177505357a791dac5dbe45eb12b85c188b9f9258d1ec93497b5d433dd59c6fa3face9351f3a5904b0bbe32282baba8dae6484768d29fc1dc5fa21c3f890a262906b3ef5ff37bcee1399719fd679cccfbea7cca2e379bed6ca6b401245225d4c726f09de89e21acca161f6dac600359e47d7625d250ed7149199b58aee86e16ee8e68d8550da4669801345b635df0dc0c0e3d31631780104fb702be487bc9f3afbba81e0e33a30c1e6be657da5065b3409f9c612c90545c53fe921726ff622ee71f90a13ad1d047ac599d8ee4a987880bc818482ec26636ce834709da4a3de832b5d0afd40ea7c3e378aed7b89481d416a5b514594de4dc1bd29292d65e50000b56d25c05e7b19c5281aabe15d92c5deb15c9366bc041250b202befe585a13dc7ee6bc481f859eae0cd3eb168db0a999e6691dd5fdfb44f9f1b12b8fba3c7e9c90258274f0257947da1ff324f602f53347cdd0200f861f894ff58b9852b82cb7671e5adc2cc0665ae28e4a8febabac45076d53dd731f271b2ed34f13ab473aa5e97d82df0ecb99dbfa251d10e3ab0aaa89f37fff2a6d8734d65cb201b9ce7801c4a7d158389fe4ed8d802316c7a34ca69819951ff119e7c4dadcb778509906285f6ac2b8c520273834468674bb9963d66527dc771c180a94590c6803946826151008145f07a2bcfdd15a71a9abdf7463368183972911ad522ee65fc40fc451a92336584a2a043a21f2bbbead3128517c4657f4e9c9ac67eb35a87e768a31cab8fba39e11cc453fad48d4547b0168756d042b3eb8f68ca797ef028cf2aef512cb38a3682386356a5a30ed9e7aef5bf3fd50950711f705ed7bc8f47ef3fe4871f6ba982127c79150e55524544cc3d889b5615033d7eaf5f4fe00c6c217d9b2a5dbe1e0a26307dc23e7d701f5c1ce65d4e90a7de40008fad96fd61be905b1961d9b05b8f96f26e75baace57fc887b768e36b9815ab4d1f766bf48cda2783914efcf0591e81ef21bd68936c1b78d8896275dffc1b7f7c7ac44b8d1f9c1650bacf85cccf2bd3d4152818aa79eb2ade29238f708f31e55c718a7b86dfd3ef9563b1a701dc87266c159d394108463f4da5af85ba2e959114f6fd96a1b143e2e936416d375507ba1f6de272d750e96c91f02b2874a70368a483fb217e1c961f91edffb90ba1f187fa362caef22dc8e063abc468d1689e8fcf1c3f717835a0af45fff5ca96a7655559d00db158674e5dc86b42733534e0edd2be9e202e81422aca6d7b508ac1d98436d89a3f1d1ebdd5fd8834c8c44ffc6a06e4cc62598f291b00e3cf2650e8cf2e4258242b38fc930df18b6d95568d5d8f8e546709b9059e04f40982df545146d77753842493d834d8e13e569e72c697f6b3e1927056c75d552c4c34c00cb8290b6b361783eedef0ab510165782503cf1e7aac89757e769a06c6c5aa40daeda4b56e5bbf635389103f6aca2d1a289a2d87370b92eae60c7fcc48de08357b665a22e4176981db09198f9b8074a8bfb51c787b9f1627039ed122b313527d28f6edf3e2d052d836253731dd8934322223da6319150c4e9c572908dda8c6569c37ed403013bf5f9c331f73c2cb17b92f16f602f01f4fc00be04fb700e516d12e6e16fcb226b973ae74c8f34152c34b923dad68ed0052183045ede8c44eb4e752fad234cd5c8a70703377d710bf23a430a05aee9ea12fe0ba7febd2f279abd83fd9a0da09a462bc5cff4a6a427ca5d8f4588ec587d7a2643000fab2740b9c14bd7decc874751f0fe17624793b8a9ac467ebf82a9b19cd14e4ac6f4bc4b2db15d4b499c28cf066355afd3f", 0x1000)

2.551661089s ago: executing program 3 (id=1634):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, 0x0)
bind$can_j1939(r0, &(0x7f0000000340)={0x1d, 0x0, 0x4, {0x2, 0x1, 0x6}, 0xfd}, 0x18)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, 0x0)
bind$can_j1939(r1, &(0x7f0000000000)={0x1d, 0x0, 0x0, {0x0, 0xff}, 0x2}, 0x18)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = msgget$private(0x0, 0xfffffffffffffffd)
msgctl$IPC_INFO(r3, 0x3, &(0x7f0000000140)=""/6)
mount(0x0, 0x0, 0x0, 0x8000, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
msgget(0x3, 0x710)
msgget(0x2, 0x624)
msgget(0x1, 0x240)

2.550743759s ago: executing program 0 (id=1642):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0xb9eb0eb005d40dc0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x1, 0x0, 0x0, {}, [{0x48, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x44}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x4, 0x0, 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
lseek(r6, 0x10000000005, 0x0)

2.264836102s ago: executing program 3 (id=1635):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000040), 0x10)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, 0x0)
io_submit(0x0, 0x1, &(0x7f00000012c0)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000200)="0500000093cb1faf16da39de706f646800580f02000000003f420f00", 0x1c}])
connect$unix(r0, &(0x7f00000002c0)=@file={0x0, './bus\x00'}, 0x6e)
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000100)='./bus\x00', 0x18418, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="9c8a4f967ca55468510ec76d6db61f", @ANYRES32=0x0, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRESHEX=0x0, @ANYRESOCT=0x0, @ANYRESOCT], 0xfe, 0x4b5, &(0x7f0000000680)="$eJzs20tsVFUcx/Hff+50mA4Vy8MChkATTawg0AcWSE0MDxtNeGihGomPVDrFSh+kU5QSEJbqzgVLl25duDJuDYlL48JgDAsTZONmVuIOc+7c1wylMyPTGUq/HwLn3jP/O5xz/nPnnDOZEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkA6/dqi3z1rdCgAA0EwnTo30DjD/AwCwqpxm/w8AALCamDz9IdPu80U77p+XZI9Nzly8NHp0ePHL2k2mlDw/3v3N9vUP7Ht5cP+BsFz6+kbbqpOnTh/qPjI7fWEuXyjkx7tHZybPzo7na36GR72+0k5/ALqnz18cn5godPfvGSh7+FLn3TVruzqHBt8/kgljR48OD59KxKTb/vf//oCHrfAz8vSiTJ/88J2dkJTSo49FldfOcmv3O7HT78To0WG/I1OTYzPz7kFLBVGp8jHJhGPUhFw8kpTk2mWZxuzZ2uTpR5kO7y3aSUleOA67/A+Ga2pPK6Td1lVSj1ZAzh5ja+TpQ5lu7u3Um8G4+vnPSFda3Tgsu3Rw/89a0d7y3w/c/eTeNo+93f3GzMRsItZSwR210ueHZnrM35uy8nTSv+OLNqIdrW4OmqxdnqZlynz9qb+ukL8ufXpo//YdB5MrjM1VnsfF7glurlrm5LZg6WAp96fx/UJtsubpL5nu/Z71z3vCOUC6fn+pC/9sSvOw3MzTlEz/Xi2aVexLvcT+PrLS5/7lbX979sjshYW5yXMfzy/6eC576KPC/NzY2cUfLu1dvWRNtX1spVR9W7KclXZ8X3xWjK4L9gBPlc7i1nx7JX4t9FSUoeTrp5bjmnexdayjXJvMPN2RaeKDLaV5Rrm6x2Y1cPkflqlQ/MXCTAf5T5fOEvl/JR6/rJWXET+360qfa4Vria1nNj2sfjny79rk8v+uTIf/2RJ8plHKv1cR6+K6ZHrvxrYgLpVxcemwO6VnnJicyve62Psybfg5jJUfmwtiN8axfS62INOXN8tj1waxm+LYfhd7S6bbvy0e+0wcO+BiF1y+bneHsTkXuz2I7Ypj95ydnRqvNqwu//0yvXPtdQv7/ND8J+7/6xVl5IGcL33cqPx3JuquB3k9E+Q/XSX/X8m08Pe2sN/+2Icvq/X+v3H+3Vr5+xvlseGGckMc21drt1rN5X+9THdfvRX1OehbcBpnKJn/Z9PlZTSuLcr/+kRdZ9CuTJ1jsRoVFi6fH5uays9xwAEHHEQHrX5nQjO4+X/EzeqDnoXrmGD+7yidxSume5/H8/9QRRlp0fy/IVE3FKxa2tJSdn76QttmKVtYuLx7cnrsXP5cfmZg32Bv/8F9vQMH2jLh4i4+qnnsngQu/7tkuvrTr9E+pnz9t/j6P1dRRlqU/43JPpWta2oeilXJ5b9DpsE7t6L95lLr/3D/3/NceRndfy3K/6ZEXWfQro46xwIAAAAAAAAAAAAAAAAAVpKceXpepksjL1n4G6K0tE5Vvv83XlFGGv/9r9IPk6t8/6srUTfewN812BIxdQ00AAAAAAAAAABAk6Tk6RuZXlDRrrmKDul4ssQT7b8AAAD//44dR5s=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x101042, 0x0)
pwrite64(r3, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
write$UHID_INPUT(r3, 0x0, 0x0)

1.14416032s ago: executing program 1 (id=1636):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, 0x0)
r4 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r4, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x10000000}}, 0x10)
bind$tipc(r4, &(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x42, 0x1}}}, 0x10)
bind$tipc(r4, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10)
sendmsg$tipc(r4, &(0x7f0000002340)={0x0, 0x0, 0x0}, 0x0)
r5 = socket(0x2, 0x80805, 0x0)
r6 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r5, 0x84, 0xa, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7}, 0x20)

1.14386367s ago: executing program 2 (id=1637):
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="040282f4322acb7101aaaaaa1e3f66602e39800fdd840bbec951b29064"], 0x12)
fallocate(0xffffffffffffffff, 0x10, 0x0, 0xbc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000001c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, 0x0)
close_range(r1, r1, 0x0)
clock_adjtime(0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000240)={0x20, 0x30, 0xf0, 0x640, 0x0, 0x1f, 0x32, 0x0, {0xfffffffe}, {0x0, 0x0, 0x1}, {0x0, 0x0, 0x200}, {}, 0x0, 0x40, 0x0, 0x6, 0x0, 0x5, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
iopl(0x5)
r2 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x14)

1.070002614s ago: executing program 0 (id=1638):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000040), 0x10)
ioctl$BLKPG(0xffffffffffffffff, 0x1269, 0x0)
io_submit(0x0, 0x1, &(0x7f00000012c0)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r2, &(0x7f0000000200)="0500000093cb1faf16da39de706f646800580f02000000003f420f00", 0x1c}])
connect$unix(r0, &(0x7f00000002c0)=@file={0x0, './bus\x00'}, 0x6e)
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000100)='./bus\x00', 0x18418, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="9c8a4f967ca55468510ec76d6db61f", @ANYRES32=0x0, @ANYRESHEX, @ANYRESDEC=0x0, @ANYRESHEX=0x0, @ANYRESOCT=0x0, @ANYRESOCT], 0xfe, 0x4b5, &(0x7f0000000680)="$eJzs20tsVFUcx/Hff+50mA4Vy8MChkATTawg0AcWSE0MDxtNeGihGomPVDrFSh+kU5QSEJbqzgVLl25duDJuDYlL48JgDAsTZONmVuIOc+7c1wylMyPTGUq/HwLn3jP/O5xz/nPnnDOZEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkA6/dqi3z1rdCgAA0EwnTo30DjD/AwCwqpxm/w8AALCamDz9IdPu80U77p+XZI9Nzly8NHp0ePHL2k2mlDw/3v3N9vUP7Ht5cP+BsFz6+kbbqpOnTh/qPjI7fWEuXyjkx7tHZybPzo7na36GR72+0k5/ALqnz18cn5godPfvGSh7+FLn3TVruzqHBt8/kgljR48OD59KxKTb/vf//oCHrfAz8vSiTJ/88J2dkJTSo49FldfOcmv3O7HT78To0WG/I1OTYzPz7kFLBVGp8jHJhGPUhFw8kpTk2mWZxuzZ2uTpR5kO7y3aSUleOA67/A+Ga2pPK6Td1lVSj1ZAzh5ja+TpQ5lu7u3Um8G4+vnPSFda3Tgsu3Rw/89a0d7y3w/c/eTeNo+93f3GzMRsItZSwR210ueHZnrM35uy8nTSv+OLNqIdrW4OmqxdnqZlynz9qb+ukL8ufXpo//YdB5MrjM1VnsfF7glurlrm5LZg6WAp96fx/UJtsubpL5nu/Z71z3vCOUC6fn+pC/9sSvOw3MzTlEz/Xi2aVexLvcT+PrLS5/7lbX979sjshYW5yXMfzy/6eC576KPC/NzY2cUfLu1dvWRNtX1spVR9W7KclXZ8X3xWjK4L9gBPlc7i1nx7JX4t9FSUoeTrp5bjmnexdayjXJvMPN2RaeKDLaV5Rrm6x2Y1cPkflqlQ/MXCTAf5T5fOEvl/JR6/rJWXET+360qfa4Vria1nNj2sfjny79rk8v+uTIf/2RJ8plHKv1cR6+K6ZHrvxrYgLpVxcemwO6VnnJicyve62Psybfg5jJUfmwtiN8axfS62INOXN8tj1waxm+LYfhd7S6bbvy0e+0wcO+BiF1y+bneHsTkXuz2I7Ypj95ydnRqvNqwu//0yvXPtdQv7/ND8J+7/6xVl5IGcL33cqPx3JuquB3k9E+Q/XSX/X8m08Pe2sN/+2Icvq/X+v3H+3Vr5+xvlseGGckMc21drt1rN5X+9THdfvRX1OehbcBpnKJn/Z9PlZTSuLcr/+kRdZ9CuTJ1jsRoVFi6fH5uays9xwAEHHEQHrX5nQjO4+X/EzeqDnoXrmGD+7yidxSume5/H8/9QRRlp0fy/IVE3FKxa2tJSdn76QttmKVtYuLx7cnrsXP5cfmZg32Bv/8F9vQMH2jLh4i4+qnnsngQu/7tkuvrTr9E+pnz9t/j6P1dRRlqU/43JPpWta2oeilXJ5b9DpsE7t6L95lLr/3D/3/NceRndfy3K/6ZEXWfQro46xwIAAAAAAAAAAAAAAAAAVpKceXpepksjL1n4G6K0tE5Vvv83XlFGGv/9r9IPk6t8/6srUTfewN812BIxdQ00AAAAAAAAAABAk6Tk6RuZXlDRrrmKDul4ssQT7b8AAAD//44dR5s=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x101042, 0x0)
pwrite64(r3, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
write$UHID_INPUT(r3, 0x0, 0x0)

238.92µs ago: executing program 1 (id=1639):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0xf0, &(0x7f0000000100)={&(0x7f0000000280)=@newlink={0x20, 0x10, 0x401, 0x0, 0x0, {0x0, 0x48, 0x0, r1, 0x21eae}}, 0x20}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.events\x00', 0x26e1, 0x0)
close(r4)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
ioctl$SIOCSIFHWADDR(r4, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x44, r7, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r8}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r9)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
socket$netlink(0x10, 0x3, 0x0)

0s ago: executing program 2 (id=1640):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x18)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet(r5, &(0x7f0000000d00)=[{{&(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10, 0x0}}, {{&(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x10, 0x0, 0x0, &(0x7f0000000700)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xfffffffb}}], 0x18}}], 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x20, 0x4001c00)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.61' (ED25519) to the list of known hosts.
[   65.895847][ T5775] cgroup: Unknown subsys name 'net'
[   66.028856][ T5775] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   67.457519][ T5775] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   68.923289][ T5787] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   68.933606][ T5787] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   68.951359][ T5787] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   68.972361][ T5787] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   68.980736][ T5787] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   68.988651][ T5787] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   69.029252][ T5103] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   69.044316][ T5793] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   69.053435][ T5793] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   69.068865][ T5793] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   69.079517][ T5793] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   69.088081][ T5793] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   69.096762][ T5793] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   69.105187][ T5793] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   69.110662][ T5797] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   69.113904][ T5793] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   69.121416][ T5797] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   69.136048][ T5797] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   69.143855][ T5793] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   69.144112][ T5797] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   69.161706][ T5793] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   69.188280][ T5787] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   69.196643][ T5787] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   69.209305][ T5787] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   69.539421][ T5785] chnl_net:caif_netlink_parms(): no params data found
[   69.663887][ T5790] chnl_net:caif_netlink_parms(): no params data found
[   69.697412][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.706967][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.716745][ T5785] bridge_slave_0: entered allmulticast mode
[   69.724324][ T5785] bridge_slave_0: entered promiscuous mode
[   69.738739][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.747330][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.755969][ T5785] bridge_slave_1: entered allmulticast mode
[   69.763972][ T5785] bridge_slave_1: entered promiscuous mode
[   69.803635][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.839468][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.862177][ T5789] chnl_net:caif_netlink_parms(): no params data found
[   69.922904][ T5785] team0: Port device team_slave_0 added
[   69.964397][ T5785] team0: Port device team_slave_1 added
[   70.047580][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.055167][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.087389][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.123202][ T5789] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.132479][ T5789] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.140220][ T5789] bridge_slave_0: entered allmulticast mode
[   70.147338][ T5789] bridge_slave_0: entered promiscuous mode
[   70.159679][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.166954][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.194084][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.220723][ T5789] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.228276][ T5789] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.236135][ T5789] bridge_slave_1: entered allmulticast mode
[   70.243876][ T5789] bridge_slave_1: entered promiscuous mode
[   70.250949][ T5788] chnl_net:caif_netlink_parms(): no params data found
[   70.286860][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.294339][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.302405][ T5790] bridge_slave_0: entered allmulticast mode
[   70.309356][ T5790] bridge_slave_0: entered promiscuous mode
[   70.347118][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.354726][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.362528][ T5790] bridge_slave_1: entered allmulticast mode
[   70.369645][ T5790] bridge_slave_1: entered promiscuous mode
[   70.390193][ T5789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.458096][ T5789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.492893][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.513986][ T5785] hsr_slave_0: entered promiscuous mode
[   70.520673][ T5785] hsr_slave_1: entered promiscuous mode
[   70.539537][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.547191][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.554885][ T5788] bridge_slave_0: entered allmulticast mode
[   70.562278][ T5788] bridge_slave_0: entered promiscuous mode
[   70.572893][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.608647][ T5789] team0: Port device team_slave_0 added
[   70.615721][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.623494][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.631038][ T5788] bridge_slave_1: entered allmulticast mode
[   70.637844][ T5788] bridge_slave_1: entered promiscuous mode
[   70.669610][ T5790] team0: Port device team_slave_0 added
[   70.678369][ T5789] team0: Port device team_slave_1 added
[   70.709407][ T5790] team0: Port device team_slave_1 added
[   70.742657][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.755604][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.821202][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.828211][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.857249][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.869553][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.877180][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.903701][ T5789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.918440][ T5789] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.925956][ T5789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.953448][ T5789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.985229][ T5788] team0: Port device team_slave_0 added
[   70.991932][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.999135][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.026293][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.058063][ T5788] team0: Port device team_slave_1 added
[   71.092152][ T5103] Bluetooth: hci0: command tx timeout
[   71.128444][ T5789] hsr_slave_0: entered promiscuous mode
[   71.135415][ T5789] hsr_slave_1: entered promiscuous mode
[   71.142700][ T5789] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   71.150448][ T5789] Cannot create hsr debugfs directory
[   71.162930][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.169939][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.196666][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.244518][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.251790][ T5103] Bluetooth: hci1: command tx timeout
[   71.257943][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.261099][ T5103] Bluetooth: hci2: command tx timeout
[   71.284319][ T5787] Bluetooth: hci3: command tx timeout
[   71.296059][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.318822][ T5790] hsr_slave_0: entered promiscuous mode
[   71.325213][ T5790] hsr_slave_1: entered promiscuous mode
[   71.332985][ T5790] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   71.342797][ T5790] Cannot create hsr debugfs directory
[   71.428273][ T5788] hsr_slave_0: entered promiscuous mode
[   71.436117][ T5788] hsr_slave_1: entered promiscuous mode
[   71.443630][ T5788] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   71.451474][ T5788] Cannot create hsr debugfs directory
[   71.724391][ T5785] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   71.738345][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[   71.745401][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[   71.757320][ T5785] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   71.783209][ T5785] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   71.798594][ T5785] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   71.882791][ T5789] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   71.895578][ T5789] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   71.912219][ T5789] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   71.943365][ T5789] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   72.021235][ T5790] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   72.034282][ T5790] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   72.044465][ T5790] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   72.058153][ T5790] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   72.150974][ T5788] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   72.175306][ T5788] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   72.186690][ T5788] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   72.198274][ T5788] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   72.228701][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.289054][ T5785] 8021q: adding VLAN 0 to HW filter on device team0
[   72.309837][ T5789] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.332597][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.340294][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.350434][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.357845][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.406094][ T5789] 8021q: adding VLAN 0 to HW filter on device team0
[   72.452941][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.460355][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.469260][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.476520][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.592978][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.654960][ T5788] 8021q: adding VLAN 0 to HW filter on device team0
[   72.678134][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.706108][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.713359][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.739853][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.747176][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.794613][ T5790] 8021q: adding VLAN 0 to HW filter on device team0
[   72.823237][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.830606][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.858549][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.865803][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.989464][ T5790] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   73.023740][ T5790] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   73.127973][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.172247][ T5787] Bluetooth: hci0: command tx timeout
[   73.256766][ T5785] veth0_vlan: entered promiscuous mode
[   73.308563][ T5785] veth1_vlan: entered promiscuous mode
[   73.330454][ T5789] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.337848][ T5787] Bluetooth: hci3: command tx timeout
[   73.344558][ T5787] Bluetooth: hci2: command tx timeout
[   73.345469][ T5103] Bluetooth: hci1: command tx timeout
[   73.384438][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.433684][ T5785] veth0_macvtap: entered promiscuous mode
[   73.449485][ T5785] veth1_macvtap: entered promiscuous mode
[   73.528832][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.551725][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.566079][ T5789] veth0_vlan: entered promiscuous mode
[   73.588729][ T5785] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.598599][ T5785] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.609475][ T5785] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.618772][ T5785] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.647283][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.670280][ T5788] veth0_vlan: entered promiscuous mode
[   73.687758][ T5789] veth1_vlan: entered promiscuous mode
[   73.725051][ T5788] veth1_vlan: entered promiscuous mode
[   73.835632][ T5790] veth0_vlan: entered promiscuous mode
[   73.858806][ T5789] veth0_macvtap: entered promiscuous mode
[   73.893808][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.907409][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.919577][ T5790] veth1_vlan: entered promiscuous mode
[   73.944377][ T5789] veth1_macvtap: entered promiscuous mode
[   73.964433][ T5788] veth0_macvtap: entered promiscuous mode
[   73.989146][ T5788] veth1_macvtap: entered promiscuous mode
[   74.005189][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.021592][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.036887][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.054819][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.070256][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.096964][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.108623][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.122540][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.137282][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.155588][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.166013][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.176870][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.189063][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.222351][ T5788] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.231534][ T5788] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.240439][ T5788] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.252243][ T5788] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.278740][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.290693][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.308826][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.340561][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.355550][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.368666][ T5789] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.379120][ T5789] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.389842][ T5789] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.405438][ T5789] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.428399][ T5790] veth0_macvtap: entered promiscuous mode
[   74.442388][ T5790] veth1_macvtap: entered promiscuous mode
[   74.470589][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.488315][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.499069][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.515040][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.528931][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.546003][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.558874][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.596286][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.609243][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.627312][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.638184][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.655565][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.667542][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.679752][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.692616][ T5790] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.701844][ T5790] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.717542][ T5790] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.745807][ T5790] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   75.267559][ T5103] Bluetooth: hci0: command tx timeout
[   75.284636][ T5874] kthread_run failed with err -4
[   75.411236][ T5797] Bluetooth: hci2: command tx timeout
[   75.412438][ T5787] Bluetooth: hci3: command tx timeout
[   75.422790][ T5103] Bluetooth: hci1: command tx timeout
[   75.602222][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.630780][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.647400][ T3517] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.703965][ T3517] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.750672][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.760439][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.375398][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.398636][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.543841][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.575708][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.685089][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.695398][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.259530][ T5887] netlink: 'syz.0.1': attribute type 1 has an invalid length.
[   77.334015][ T5103] Bluetooth: hci0: command tx timeout
[   77.491982][ T5103] Bluetooth: hci1: command tx timeout
[   77.498183][ T5787] Bluetooth: hci3: command tx timeout
[   77.498197][ T5797] Bluetooth: hci2: command tx timeout
[   77.562506][ T5890] Bluetooth: MGMT ver 1.22
[   78.385546][ T5889] veth3: entered promiscuous mode
[   78.903244][ T5894] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1'.
[   80.109927][ T5917] syz.1.11[5917]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   80.150050][ T5917] loop1: detected capacity change from 0 to 1024
[   80.161404][ T5919] loop3: detected capacity change from 0 to 512
[   80.518240][ T5923] loop0: detected capacity change from 0 to 256
[   80.570151][ T5919] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.360212][ T3517] hfsplus: b-tree write err: -5, ino 4
[   82.744056][    T9] cfg80211: failed to load regulatory.db
[   82.997311][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.882495][ T5943] Cannot find set identified by id 0 to match
[   84.642952][ T5958] loop0: detected capacity change from 0 to 64
[   84.679344][ T5955] loop3: detected capacity change from 0 to 2048
[   84.694235][ T5955] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[   85.725779][ T5966] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   85.741036][ T5955] syz.3.17: attempt to access beyond end of device
[   85.741036][ T5955] loop3: rw=524288, sector=65534, nr_sectors = 2 limit=2048
[   85.844412][ T5970] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20'.
[   85.859573][ T5970] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20'.
[   85.870009][ T5970] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20'.
[   85.880248][ T5970] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20'.
[   86.428790][ T5974] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[   86.690169][ T5973] loop1: detected capacity change from 0 to 512
[   87.601027][ T5973] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   87.638051][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   87.695189][ T5973] EXT4-fs (loop1): Test dummy encryption mode enabled
[   87.748715][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   87.822683][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   88.126652][ T5973] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.23: inode has both inline data and extents flags
[   88.189316][ T5973] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.23: couldn't read orphan inode 15 (err -117)
[   88.234485][ T5973] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.306847][ T5995] loop2: detected capacity change from 0 to 64
[   88.504959][ T5992] team0: Port device team_slave_0 removed
[   88.538339][ T5796] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   89.562025][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.744374][ T5997] tipc: Started in network mode
[   89.749625][ T5997] tipc: Node identity fae0d37af80b, cluster identity 4711
[   89.805172][ T5997] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   89.861812][ T6000] syzkaller0: entered promiscuous mode
[   89.891074][ T6000] syzkaller0: entered allmulticast mode
[   89.900448][ T6017] loop1: detected capacity change from 0 to 128
[   90.517401][ T5996] tipc: Resetting bearer <eth:syzkaller0>
[   90.632482][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   90.642850][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   90.733892][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   90.742763][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   90.837685][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   90.846600][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   90.855290][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   95.749409][   T23] tipc: Node number set to 49009530
[   95.855428][ T5996] tipc: Disabling bearer <eth:syzkaller0>
[   97.859492][ T6035] loop2: detected capacity change from 0 to 4096
[   99.771006][ T6046] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  108.164476][ T6098] loop0: detected capacity change from 0 to 4096
[  108.193349][ T6098] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.238648][ T6098] netlink: 24 bytes leftover after parsing attributes in process `syz.0.49'.
[  109.185011][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.033029][ T6112] xt_hashlimit: max too large, truncated to 1048576
[  111.953124][ T6115] loop0: detected capacity change from 0 to 128
[  112.108295][ T6115] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  112.154742][ T6115] ext4 filesystem being mounted at /15/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  112.901580][ T5790] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  114.125026][ T6141] loop3: detected capacity change from 0 to 1764
[  118.081650][ T6167] netlink: 4 bytes leftover after parsing attributes in process `syz.3.66'.
[  121.438096][ T6178] loop0: detected capacity change from 0 to 1024
[  121.480087][ T6178] =======================================================
[  121.480087][ T6178] WARNING: The mand mount option has been deprecated and
[  121.480087][ T6178]          and is ignored by this kernel. Remove the mand
[  121.480087][ T6178]          option from the mount to silence this warning.
[  121.480087][ T6178] =======================================================
[  122.077724][ T6178] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.001757][ T6195] netlink: 'syz.3.72': attribute type 4 has an invalid length.
[  124.009473][ T6195] netlink: 17 bytes leftover after parsing attributes in process `syz.3.72'.
[  125.350828][    C0] sched: RT throttling activated
[  125.618730][ T6198] loop1: detected capacity change from 0 to 512
[  125.627451][ T6199] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  125.655051][ T6198] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  125.736688][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.873042][ T6198] EXT4-fs (loop1): 1 orphan inode deleted
[  125.895320][ T3517] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  125.915350][ T3517] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u4:8: Failed to release dquot type 1
[  125.952405][ T6198] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.976917][ T6198] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.902219][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.772719][ T6225] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  132.025879][ T6243] loop2: detected capacity change from 0 to 16
[  132.209392][ T6243] erofs: (device loop2): mounted with root inode @ nid 36.
[  132.253357][ T6243] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  132.262510][ T6243] erofs: (device loop2): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  133.117004][ T6252] loop1: detected capacity change from 0 to 512
[  133.125579][ T6252] EXT4-fs: Ignoring removed oldalloc option
[  140.011403][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  140.021085][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  140.036394][ T6254] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  140.041132][   T28] audit: type=1800 audit(1763655249.958:2): pid=6254 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.86" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  140.047222][ T6254] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  140.076036][ T6254] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  140.183714][ T6254] syz.2.86 (6254) used greatest stack depth: 20688 bytes left
[  140.257032][ T6252] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  140.298796][ T6252] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  140.299122][ T6252] EXT4-fs: failed to create workqueue
[  140.314307][ T6252] EXT4-fs (loop1): mount failed
[  140.597969][ T6262] netlink: 56 bytes leftover after parsing attributes in process `syz.3.89'.
[  141.047571][ T6264] syzkaller0: entered promiscuous mode
[  141.110574][ T6264] syzkaller0: entered allmulticast mode
[  141.159321][ T6269] netlink: 209844 bytes leftover after parsing attributes in process `syz.1.90'.
[  147.017635][ T6310] bridge0: entered promiscuous mode
[  147.023641][ T6310] macsec1: entered promiscuous mode
[  151.027058][ T6310] bridge0: left promiscuous mode
[  152.720174][ T6334] overlayfs: failed to clone lowerpath
[  152.778590][ T6335] overlayfs: failed to clone lowerpath
[  155.800543][ T6364] netlink: 220 bytes leftover after parsing attributes in process `syz.3.112'.
[  157.789010][ T6376] tipc: Started in network mode
[  157.794019][ T6376] tipc: Node identity 4, cluster identity 4711
[  157.800220][ T6376] tipc: Node number set to 4
[  158.815149][ T6382] loop1: detected capacity change from 0 to 2048
[  158.903807][ T6382] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  159.370944][ T6382] UDF-fs: Scanning with blocksize 512 failed
[  159.468458][ T6382] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  162.475062][ T6408] batman_adv: batadv0: Adding interface: dummy0
[  162.480174][ T6409] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  162.494700][ T6408] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  162.544260][ T6408] batman_adv: batadv0: Interface activated: dummy0
[  162.573937][ T6412] batadv0: mtu less than device minimum
[  162.603149][ T6412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.616091][ T6412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.628640][ T6412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.641269][ T6412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.653797][ T6412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.666316][ T6412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.678840][ T6412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.691584][ T6412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.704148][ T6412] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  162.911281][ T6417] No such timeout policy "syz0"
[  166.397048][ T6448] loop2: detected capacity change from 0 to 128
[  166.404370][ T6448] EXT4-fs: Ignoring removed nobh option
[  166.799806][ T6448] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  166.817017][ T6448] ext4 filesystem being mounted at /32/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  167.076253][ T5785] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  167.908424][ T6460] netlink: 4 bytes leftover after parsing attributes in process `syz.1.136'.
[  171.355831][ T6482] Process accounting resumed
[  171.525238][   T28] audit: type=1326 audit(1763655281.448:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.2.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a118f749 code=0x7ffc0000
[  171.601310][   T28] audit: type=1326 audit(1763655281.448:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.2.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a118f749 code=0x7ffc0000
[  171.637568][ T6492] netlink: 4 bytes leftover after parsing attributes in process `syz.1.143'.
[  171.646672][   T28] audit: type=1326 audit(1763655281.448:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.2.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f12a118f749 code=0x7ffc0000
[  171.704685][   T28] audit: type=1326 audit(1763655281.448:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.2.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a118f749 code=0x7ffc0000
[  171.775393][   T28] audit: type=1326 audit(1763655281.448:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.2.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f12a118f749 code=0x7ffc0000
[  171.798088][   T28] audit: type=1326 audit(1763655281.448:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.2.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a118f749 code=0x7ffc0000
[  171.821038][   T28] audit: type=1326 audit(1763655281.448:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.2.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a118f749 code=0x7ffc0000
[  171.843919][   T28] audit: type=1326 audit(1763655281.448:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.2.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f12a118f749 code=0x7ffc0000
[  171.866313][   T28] audit: type=1326 audit(1763655281.448:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.2.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a118f749 code=0x7ffc0000
[  172.100070][   T28] audit: type=1326 audit(1763655281.458:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6481 comm="syz.2.147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f12a118f749 code=0x7ffc0000
[  175.192123][ T6519] netlink: 4 bytes leftover after parsing attributes in process `syz.0.148'.
[  176.956011][ T6525] netlink: 8 bytes leftover after parsing attributes in process `syz.3.155'.
[  176.983801][ T6525] netlink: 8 bytes leftover after parsing attributes in process `syz.3.155'.
[  177.669921][ T5878] Process accounting resumed
[  177.708416][ T6531] netlink: 4 bytes leftover after parsing attributes in process `syz.1.154'.
[  177.937040][ T6532] Process accounting resumed
[  179.456164][ T6550] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  180.080498][ T6552] Process accounting resumed
[  180.195015][ T6556] Zero length message leads to an empty skb
[  180.229587][ T6556] netlink: 4 bytes leftover after parsing attributes in process `syz.0.160'.
[  180.299310][ T6558] netlink: 12 bytes leftover after parsing attributes in process `syz.1.161'.
[  180.571697][ T6564] overlayfs: failed to clone lowerpath
[  181.216029][ T6563] netlink: 4 bytes leftover after parsing attributes in process `syz.1.161'.
[  182.363412][ T6563] bond1 (unregistering): Released all slaves
[  183.002939][ T6577] netlink: 4 bytes leftover after parsing attributes in process `syz.0.165'.
[  184.360896][ T5877] Process accounting resumed
[  184.425719][ T6582] Process accounting resumed
[  185.230913][ T5877] Process accounting resumed
[  185.272606][ T6586] Process accounting resumed
[  186.525655][ T6599] Process accounting resumed
[  187.003692][ T6607] loop1: detected capacity change from 0 to 128
[  187.017159][ T6607] EXT4-fs: Ignoring removed nobh option
[  187.244080][ T6609] No such timeout policy "syz0"
[  187.632093][ T6607] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  187.742374][ T6607] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  187.885351][ T6617] netlink: 12 bytes leftover after parsing attributes in process `syz.0.175'.
[  188.112024][ T5789] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  188.535620][ T6619] netlink: 4 bytes leftover after parsing attributes in process `syz.0.175'.
[  188.636951][ T6619] bond1 (unregistering): Released all slaves
[  188.705121][ T6622] netlink: 4 bytes leftover after parsing attributes in process `syz.1.176'.
[  190.357200][ T6630] loop0: detected capacity change from 0 to 2048
[  190.633830][ T6630] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found!
[  190.644508][ T6638] netlink: 12 bytes leftover after parsing attributes in process `syz.3.181'.
[  191.878321][ T6630] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  192.211018][ T5794] Bluetooth: hci2: command 0x0406 tx timeout
[  192.218053][ T5794] Bluetooth: hci1: command 0x0406 tx timeout
[  192.224410][ T5794] Bluetooth: hci0: command 0x0406 tx timeout
[  192.230464][ T5794] Bluetooth: hci3: command 0x0406 tx timeout
[  192.430441][ T6645] loop0: detected capacity change from 0 to 2048
[  192.576872][ T6645] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  193.199586][ T6645] UDF-fs: Scanning with blocksize 512 failed
[  193.460346][ T6648] loop1: detected capacity change from 0 to 1024
[  193.484207][ T6645] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  194.369463][ T3517] hfsplus: b-tree write err: -5, ino 4
[  194.400167][ T6658] netlink: 20 bytes leftover after parsing attributes in process `syz.2.187'.
[  194.422523][ T6658] netlink: 4 bytes leftover after parsing attributes in process `syz.2.187'.
[  194.671900][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  194.678239][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  199.457664][ T6687] tipc: Started in network mode
[  199.496625][ T6687] tipc: Node identity ca9bca4f581a, cluster identity 4711
[  199.535103][ T6687] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  199.582335][ T6690] syzkaller0: entered promiscuous mode
[  199.700962][ T6690] syzkaller0: entered allmulticast mode
[  199.928030][ T6687] tipc: Resetting bearer <eth:syzkaller0>
[  200.009192][ T6686] tipc: Resetting bearer <eth:syzkaller0>
[  200.070754][ T6686] tipc: Disabling bearer <eth:syzkaller0>
[  200.897956][ T6703] netlink: 20 bytes leftover after parsing attributes in process `syz.3.199'.
[  200.910987][ T6703] netlink: 4 bytes leftover after parsing attributes in process `syz.3.199'.
[  207.515327][ T6791] netlink: 20 bytes leftover after parsing attributes in process `syz.3.208'.
[  207.633478][ T6791] netlink: 4 bytes leftover after parsing attributes in process `syz.3.208'.
[  207.713165][ T6797] netlink: 12 bytes leftover after parsing attributes in process `syz.0.207'.
[  208.124441][ T6799] loop1: detected capacity change from 0 to 16
[  208.639722][ T6799] erofs: (device loop1): mounted with root inode @ nid 36.
[  208.692424][ T6798] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  208.702198][ T6798] erofs: (device loop1): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  210.011495][   T23] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  212.312151][ T6834] netlink: 20 bytes leftover after parsing attributes in process `syz.1.219'.
[  212.389711][   T23] usb 1-1: device not accepting address 2, error -71
[  212.403200][ T6834] netlink: 4 bytes leftover after parsing attributes in process `syz.1.219'.
[  213.268467][ T6841] netlink: 140 bytes leftover after parsing attributes in process `syz.3.220'.
[  213.295578][ T6841] netlink: 'syz.3.220': attribute type 5 has an invalid length.
[  213.373576][ T6841] netlink: 'syz.3.220': attribute type 10 has an invalid length.
[  213.446757][ T6841] 8021q: adding VLAN 0 to HW filter on device team0
[  213.537769][ T6841] bond0: (slave team0): Enslaving as an active interface with an up link
[  213.561554][ T5933] IPVS: starting estimator thread 0...
[  214.286218][ T6849] IPVS: using max 20 ests per chain, 48000 per kthread
[  216.849320][ T6865] loop2: detected capacity change from 0 to 32768
[  216.875628][ T6865] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.226 (6865)
[  217.511614][ T6874] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  217.511614][ T6874] The task syz.1.228 (6874) triggered the difference, watch for misbehavior.
[  219.852123][   T28] kauditd_printk_skb: 10 callbacks suppressed
[  219.852137][   T28] audit: type=1326 audit(1763655329.768:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6869 comm="syz.1.228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f4c18f749 code=0x7fc00000
[  219.882251][ T6865] BTRFS error (device loop2): open_ctree failed: -4
[  219.996937][ T6880] netlink: 20 bytes leftover after parsing attributes in process `syz.3.230'.
[  220.041982][ T6880] netlink: 4 bytes leftover after parsing attributes in process `syz.3.230'.
[  220.096889][ T6882] netlink: 12 bytes leftover after parsing attributes in process `syz.2.231'.
[  220.151619][ T6882] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  220.160643][ T6882] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  220.171153][ T6882] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  220.179988][ T6882] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  220.219600][ T6882] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  220.245074][ T6884] netlink: 4 bytes leftover after parsing attributes in process `syz.2.231'.
[  220.280101][ T6884] bond1 (unregistering): (slave geneve2): Releasing backup interface
[  220.303273][ T6884] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  220.321063][ T6884] netdevsim netdevsim2 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  220.354985][ T6884] netdevsim netdevsim2 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  220.378956][ T6884] netdevsim netdevsim2 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  220.418347][ T6884] bond1 (unregistering): Released all slaves
[  220.498992][ T6891] netlink: 4 bytes leftover after parsing attributes in process `syz.1.240'.
[  220.510108][ T6887] netlink: 20 bytes leftover after parsing attributes in process `syz.1.240'.
[  225.879925][   T27] Process accounting resumed
[  226.447401][ T6924] Process accounting resumed
[  226.663419][ T6932] netlink: 16 bytes leftover after parsing attributes in process `syz.3.243'.
[  227.401671][ T6932] netlink: 4 bytes leftover after parsing attributes in process `syz.3.243'.
[  227.495895][ T6935] netlink: 12 bytes leftover after parsing attributes in process `syz.1.244'.
[  227.625582][ T6940] netlink: 4 bytes leftover after parsing attributes in process `syz.1.244'.
[  233.315579][ T6977] netlink: 'syz.2.256': attribute type 1 has an invalid length.
[  234.178984][ T6981] netlink: 12 bytes leftover after parsing attributes in process `syz.1.257'.
[  234.229448][ T6988] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  234.250320][ T6988] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  235.276455][ T6991] netlink: 28 bytes leftover after parsing attributes in process `syz.2.256'.
[  235.391747][ T6991] 8021q: adding VLAN 0 to HW filter on device bond1
[  235.412258][ T6993] netlink: 4 bytes leftover after parsing attributes in process `syz.1.257'.
[  235.475148][   T28] audit: type=1326 audit(1763655345.398:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7008 comm="syz.3.260" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f62d0d8f749 code=0x0
[  235.561961][ T6977] bond1: (slave bridge1): Enslaving as an active interface with a down link
[  235.577941][ T7001] macvlan2: entered promiscuous mode
[  235.584162][ T7001] macvlan2: entered allmulticast mode
[  235.590654][ T7001] bond1: entered promiscuous mode
[  235.602900][ T7001] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  235.672425][ T7013] loop0: detected capacity change from 0 to 16
[  235.718818][ T7013] erofs: (device loop0): mounted with root inode @ nid 36.
[  235.750610][ T7013] erofs: (device loop0): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  235.759502][ T7013] erofs: (device loop0): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  235.882834][ T7001] bond1: left promiscuous mode
[  237.842532][ T7025] loop2: detected capacity change from 0 to 2048
[  237.870288][ T7025] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  238.055603][ T7025] UDF-fs: Scanning with blocksize 512 failed
[  239.763314][ T7025] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  241.044099][ T7045] loop1: detected capacity change from 0 to 1024
[  242.937743][ T7057] Process accounting resumed
[  245.277404][ T7077] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  247.261908][ T7093] process 'syz.3.278' launched './file0' with NULL argv: empty string added
[  248.825675][ T7103] Process accounting resumed
[  253.277545][ T7132] loop0: detected capacity change from 0 to 128
[  257.662082][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  257.668503][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  259.015905][   T28] audit: type=1326 audit(1763655368.928:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.1.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  259.078241][   T28] audit: type=1326 audit(1763655368.968:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.1.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  259.101880][   T28] audit: type=1326 audit(1763655368.968:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.1.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  259.905011][ T7165] Process accounting resumed
[  260.021199][   T28] audit: type=1326 audit(1763655368.968:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.1.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  260.373219][   T28] audit: type=1326 audit(1763655369.228:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.1.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  260.681455][   T28] audit: type=1326 audit(1763655369.968:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.1.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f4c1865e7 code=0x7ffc0000
[  260.824523][   T28] audit: type=1326 audit(1763655369.968:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.1.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6f4c12b829 code=0x7ffc0000
[  260.918883][   T28] audit: type=1326 audit(1763655369.968:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.1.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  261.144475][ T7172] netlink: 4 bytes leftover after parsing attributes in process `syz.3.301'.
[  261.596101][   T28] audit: type=1326 audit(1763655369.988:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.1.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6f4c1865e7 code=0x7ffc0000
[  261.653037][ T7174] netlink: 4 bytes leftover after parsing attributes in process `syz.3.301'.
[  261.671677][   T28] audit: type=1326 audit(1763655369.988:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7160 comm="syz.1.298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6f4c12b829 code=0x7ffc0000
[  261.851133][ T7178] UBIFS error (pid: 7178): cannot open "./file0", error -22
[  267.118008][ T7218] netlink: 4 bytes leftover after parsing attributes in process `syz.0.312'.
[  268.291893][ T7228] netlink: 4 bytes leftover after parsing attributes in process `syz.0.312'.
[  268.341387][ T7229] netlink: 'syz.3.313': attribute type 1 has an invalid length.
[  268.516647][ T7231] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  268.532608][ T7231] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  268.579243][ T7233] netlink: 28 bytes leftover after parsing attributes in process `syz.3.313'.
[  268.613625][ T7238] loop0: detected capacity change from 0 to 2048
[  268.623435][ T7233] 8021q: adding VLAN 0 to HW filter on device bond1
[  268.677651][ T7238] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  268.688262][ T7238] UDF-fs: Scanning with blocksize 512 failed
[  268.710590][ T7238] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  268.823658][ T7234] bond1: (slave bridge2): Enslaving as an active interface with a down link
[  268.843838][ T7226] netlink: 'syz.2.321': attribute type 10 has an invalid length.
[  268.915142][ T7226] hsr0: entered promiscuous mode
[  268.992929][ T7226] bond0: (slave hsr0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  269.005133][ T7226] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  269.015709][ T7226] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  269.028106][ T7226] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  269.506888][ T7236] macvlan2: entered promiscuous mode
[  269.583072][ T7236] macvlan2: entered allmulticast mode
[  269.625053][ T7236] bond1: entered promiscuous mode
[  269.658838][ T7236] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  269.668639][ T7236] bond1: left promiscuous mode
[  272.358876][ T7244] bridge_slave_0: left allmulticast mode
[  272.427612][ T7244] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.479576][ T7244] net_ratelimit: 10 callbacks suppressed
[  272.479592][ T7244] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  272.999575][ T7266] netlink: 4 bytes leftover after parsing attributes in process `syz.3.323'.
[  273.074642][ T7270] netlink: 4 bytes leftover after parsing attributes in process `syz.3.323'.
[  273.195963][ T5787] Bluetooth: Wrong link type (-71)
[  276.366246][ T5787] Bluetooth: hci3: command 0x0406 tx timeout
[  276.842140][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805e2c8400: rx timeout, send abort
[  277.351985][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805e2c8400: abort rx timeout. Force session deactivation
[  278.180972][ T7310] syz.1.334 (7310) used greatest stack depth: 17960 bytes left
[  278.409408][ T7313] netlink: 140 bytes leftover after parsing attributes in process `syz.0.335'.
[  278.439104][ T7313] netlink: 'syz.0.335': attribute type 5 has an invalid length.
[  278.456457][ T7316] syz.3.337 uses obsolete (PF_INET,SOCK_PACKET)
[  278.942160][ T7314] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  279.062123][ T7313] netlink: 'syz.0.335': attribute type 10 has an invalid length.
[  279.196806][ T7313] 8021q: adding VLAN 0 to HW filter on device team0
[  279.433669][ T7313] bond0: (slave team0): Enslaving as an active interface with an up link
[  279.831638][ T5787] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  281.992974][ T7324] netlink: 4 bytes leftover after parsing attributes in process `syz.3.339'.
[  286.453197][ T7355] loop2: detected capacity change from 0 to 1024
[  292.669865][ T7377] netlink: 4 bytes leftover after parsing attributes in process `syz.2.352'.
[  292.785341][ T5877] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  298.405845][ T7416] mmap: syz.1.363 (7416) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  299.290512][ T7423] netlink: 4 bytes leftover after parsing attributes in process `syz.2.365'.
[  300.291772][ T7432] tipc: New replicast peer: 255.255.255.255
[  300.309638][ T7432] tipc: Enabled bearer <udp:syz2>, priority 10
[  301.268417][ T7438] netlink: 12 bytes leftover after parsing attributes in process `syz.1.374'.
[  301.277651][ T7438] tipc: Disabling bearer <udp:syz2>
[  304.223610][ T7455] loop0: detected capacity change from 0 to 256
[  304.252789][ T7460] netlink: 344 bytes leftover after parsing attributes in process `syz.1.372'.
[  304.262332][ T7460] netlink: 8 bytes leftover after parsing attributes in process `syz.1.372'.
[  305.205671][ T7455] FAT-fs (loop0): Directory bread(block 64) failed
[  305.212750][ T7455] FAT-fs (loop0): Directory bread(block 65) failed
[  305.219444][ T7455] FAT-fs (loop0): Directory bread(block 66) failed
[  305.226082][ T7455] FAT-fs (loop0): Directory bread(block 67) failed
[  305.232876][ T7455] FAT-fs (loop0): Directory bread(block 68) failed
[  305.239404][ T7455] FAT-fs (loop0): Directory bread(block 69) failed
[  305.246363][ T7455] FAT-fs (loop0): Directory bread(block 70) failed
[  305.252990][ T7455] FAT-fs (loop0): Directory bread(block 71) failed
[  305.259664][ T7455] FAT-fs (loop0): Directory bread(block 72) failed
[  305.266947][ T7455] FAT-fs (loop0): Directory bread(block 73) failed
[  305.607316][ T7466] loop2: detected capacity change from 0 to 512
[  305.753600][ T7466] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.373: inode has both inline data and extents flags
[  305.780185][ T7466] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.373: couldn't read orphan inode 15 (err -117)
[  305.807029][ T7466] EXT4-fs (loop2): mounted filesystem 00000000-0000-007f-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.486592][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-007f-0000-000000000000.
[  306.656625][ T5787] Bluetooth: hci0: Malformed Event: 0x02
[  308.278589][ T7486] netlink: 4 bytes leftover after parsing attributes in process `syz.0.379'.
[  308.300538][ T7486] warning: `syz.0.379' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  308.425757][ T7486] netlink: 'syz.0.379': attribute type 10 has an invalid length.
[  308.450174][ T7486] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  309.021738][ T7484] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  310.052602][ T7524] loop0: detected capacity change from 0 to 1024
[  311.993132][    T9] Process accounting resumed
[  312.068817][ T7537] Process accounting resumed
[  312.727281][ T7550] loop1: detected capacity change from 0 to 2048
[  313.473655][ T7542] netlink: 4 bytes leftover after parsing attributes in process `syz.3.389'.
[  313.524084][ T7551] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  317.612684][ T7562] loop0: detected capacity change from 0 to 1024
[  317.638515][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  317.644919][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  317.692840][ T7562] hfsplus: unable to find HFS+ superblock
[  321.781175][ T7581] netlink: 856 bytes leftover after parsing attributes in process `syz.1.396'.
[  322.775817][ T7595] netlink: 4 bytes leftover after parsing attributes in process `syz.1.401'.
[  323.183359][ T7601] loop2: detected capacity change from 0 to 2048
[  324.065138][ T7604] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  324.400233][ T7607] netlink: 4 bytes leftover after parsing attributes in process `syz.1.403'.
[  325.016526][ T7607] batadv0: entered promiscuous mode
[  325.040893][ T7607] macvtap1: entered promiscuous mode
[  325.046432][ T7607] macvtap1: entered allmulticast mode
[  325.052648][ T7607] batadv0: entered allmulticast mode
[  325.059206][ T7607] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  325.102466][ T7609] batadv0: left allmulticast mode
[  325.124497][ T7609] batadv0: left promiscuous mode
[  325.271153][ T5787] Bluetooth: hci0: Malformed Event: 0x02
[  325.368347][ T7618] netlink: 4 bytes leftover after parsing attributes in process `syz.0.406'.
[  326.508558][ T7623] tipc: New replicast peer: 255.255.255.255
[  326.563729][ T7623] tipc: Enabled bearer <udp:syz2>, priority 10
[  327.708781][ T7640] netlink: 12 bytes leftover after parsing attributes in process `syz.3.408'.
[  327.717802][ T7640] tipc: Disabling bearer <udp:syz2>
[  327.796670][ T7636] netlink: 4 bytes leftover after parsing attributes in process `syz.2.411'.
[  328.007641][ T5787] Bluetooth: hci3: Malformed Event: 0x02
[  331.046024][ T5787] Bluetooth: hci0: Malformed Event: 0x02
[  331.139899][ T5787] Bluetooth: hci3: Malformed Event: 0x02
[  331.187170][ T7662] netlink: 4 bytes leftover after parsing attributes in process `syz.3.418'.
[  333.744206][ T7680] befs: (nullb0): invalid magic header
[  334.451850][ T7684] netlink: 4 bytes leftover after parsing attributes in process `syz.1.423'.
[  340.092138][ T5787] Bluetooth: hci3: Malformed Event: 0x02
[  341.171366][ T7715] netlink: 4 bytes leftover after parsing attributes in process `syz.1.429'.
[  345.114131][ T7742] loop2: detected capacity change from 0 to 2048
[  345.187697][ T7742] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  345.663241][ T5787] Bluetooth: hci2: Malformed Event: 0x02
[  346.543975][ T7753] netlink: 4 bytes leftover after parsing attributes in process `syz.3.440'.
[  349.858645][ T7772] netlink: 12 bytes leftover after parsing attributes in process `syz.0.446'.
[  349.935519][ T7772] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  349.963707][ T7772] netlink: 28 bytes leftover after parsing attributes in process `syz.0.446'.
[  350.011391][ T7772] 8021q: adding VLAN 0 to HW filter on device bond1
[  350.147218][  T787] Process accounting resumed
[  350.540845][ T7774] Process accounting resumed
[  351.230454][ T5787] Bluetooth: hci2: Malformed Event: 0x02
[  352.400625][ T7790] netlink: 4 bytes leftover after parsing attributes in process `syz.1.452'.
[  355.290577][ T7812] loop2: detected capacity change from 0 to 1024
[  355.318344][ T7812] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  355.951640][ T7812] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  356.985627][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.228926][ T5878] Process accounting resumed
[  357.859722][ T7828] Process accounting resumed
[  357.984276][ T5787] Bluetooth: hci3: Malformed Event: 0x02
[  362.254687][ T7865] loop1: detected capacity change from 0 to 1024
[  362.280376][ T7865] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  362.550071][ T7865] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  363.425224][ T7879] loop0: detected capacity change from 0 to 2048
[  363.501943][ T7881] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  363.789166][ T5787] Bluetooth: hci1: Malformed Event: 0x02
[  364.281172][  T787] Process accounting resumed
[  364.310593][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  364.431270][ T7892] loop0: detected capacity change from 0 to 1024
[  364.448308][ T7892] EXT4-fs: inline encryption not supported
[  364.486719][ T7892] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  364.536117][ T7892] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  365.652502][ T5830] IPVS: starting estimator thread 0...
[  365.831136][ T7908] IPVS: using max 17 ests per chain, 40800 per kthread
[  366.026512][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.119350][ T7870] Process accounting resumed
[  367.301102][ T7923] loop0: detected capacity change from 0 to 1024
[  367.706859][ T5787] Bluetooth: hci0: Malformed Event: 0x02
[  368.861170][ T7940] netlink: 4 bytes leftover after parsing attributes in process `syz.2.486'.
[  368.910004][ T7942] loop0: detected capacity change from 0 to 1024
[  368.933518][ T7942] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  369.048158][ T7942] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  370.035352][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.777556][ T7967] syz_tun: entered allmulticast mode
[  370.792946][ T7967] netlink: 4 bytes leftover after parsing attributes in process `syz.0.491'.
[  370.818528][ T5878] Process accounting resumed
[  370.898098][ T7967] syz_tun (unregistering): left allmulticast mode
[  371.171572][ T5787] Bluetooth: hci0: Malformed Event: 0x02
[  372.821310][ T7984] netlink: 4 bytes leftover after parsing attributes in process `syz.0.497'.
[  372.993289][   T28] kauditd_printk_skb: 89 callbacks suppressed
[  372.993304][   T28] audit: type=1800 audit(1763658298.922:124): pid=7972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.494" name="cpuacct.usage_percpu" dev="overlay" ino=635 res=0 errno=0
[  373.101617][ T7956] Process accounting resumed
[  374.232695][ T7993] loop1: detected capacity change from 0 to 1024
[  374.512611][ T7993] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  375.024216][ T7993] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  376.363760][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.407874][ T5787] Bluetooth: hci0: Malformed Event: 0x02
[  377.329603][ T8027] netlink: 4 bytes leftover after parsing attributes in process `syz.1.507'.
[  377.938092][ T8036] overlayfs: failed to clone lowerpath
[  379.238594][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  379.245420][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  379.301478][   T23] Process accounting resumed
[  379.780986][ T8052] loop2: detected capacity change from 0 to 256
[  379.802196][ T8052] FAT-fs (loop2): "posix" option is obsolete, not supported now
[  380.718449][ T8039] Process accounting resumed
[  381.788312][ T5787] Bluetooth: hci1: Malformed Event: 0x02
[  381.815456][ T8069] netlink: 28 bytes leftover after parsing attributes in process `syz.2.517'.
[  381.892462][ T8069] netlink: 4 bytes leftover after parsing attributes in process `syz.2.517'.
[  382.196383][ T8080] loop0: detected capacity change from 0 to 128
[  382.206905][ T8080] EXT4-fs: Ignoring removed nobh option
[  382.486906][ T8080] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  382.500960][ T8080] ext4 filesystem being mounted at /128/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  382.890481][ T5790] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  385.620557][ T5797] Bluetooth: hci3: command 0x0406 tx timeout
[  386.660206][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  388.602979][ T8128] loop1: detected capacity change from 0 to 1024
[  388.654415][ T8128] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  388.862108][ T8128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  390.773574][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.810954][  T787] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  391.490967][  T787] usb 3-1: Using ep0 maxpacket: 8
[  391.565807][  T787] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  391.576820][  T787] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  391.594894][  T787] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  391.604125][  T787] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.612796][  T787] usb 3-1: Product: syz
[  391.617075][  T787] usb 3-1: Manufacturer: syz
[  391.626250][  T787] usb 3-1: SerialNumber: syz
[  391.720207][  T787] cdc_ether 3-1:1.0: invalid descriptor buffer length
[  391.727999][  T787] cdc_ether: probe of 3-1:1.0 failed with error -22
[  391.981723][ T8170] netlink: 4 bytes leftover after parsing attributes in process `syz.0.542'.
[  392.001620][ T8149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  392.073404][ T8149] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  393.955117][ T5849] usb 3-1: USB disconnect, device number 2
[  396.608845][ T8199] loop2: detected capacity change from 0 to 64
[  397.704053][ T8199] hfs: unable to locate alternate MDB
[  397.736813][ T8200] loop0: detected capacity change from 0 to 2048
[  397.756575][ T8199] hfs: continuing without an alternate MDB
[  397.792927][ T8207] netlink: 20 bytes leftover after parsing attributes in process `syz.1.554'.
[  397.830706][ T8207] netlink: 4 bytes leftover after parsing attributes in process `syz.1.554'.
[  397.938139][ T8200] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  398.041046][ T8200] ext4 filesystem being mounted at /137/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  398.473078][ T8200] netlink: 16 bytes leftover after parsing attributes in process `syz.0.550'.
[  398.952192][ T6402] bridge0: port 2(bridge_slave_1) entered disabled state
[  399.508909][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.819709][ T8230] netlink: 'syz.3.562': attribute type 1 has an invalid length.
[  400.188805][ T8237] netlink: 4 bytes leftover after parsing attributes in process `syz.0.560'.
[  400.201539][ T8237] netlink: 4 bytes leftover after parsing attributes in process `syz.0.560'.
[  401.326890][ T8239] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  401.358803][ T8245] loop2: detected capacity change from 0 to 512
[  401.429928][ T8239] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  401.447495][ T8245] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  401.477102][ T8245] ext4 filesystem being mounted at /132/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  401.509639][ T8244] netlink: 20 bytes leftover after parsing attributes in process `syz.1.565'.
[  401.551785][ T8244] netlink: 4 bytes leftover after parsing attributes in process `syz.1.565'.
[  401.726953][ T8230] bond2: (slave bridge3): Enslaving as an active interface with a down link
[  401.787364][ T8239] bond2: (slave gretap1): making interface the new active one
[  401.800601][ T8239] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  402.409169][ T8230] macvlan2: entered promiscuous mode
[  402.429156][ T8230] macvlan2: entered allmulticast mode
[  402.455197][ T8230] bond2: entered promiscuous mode
[  402.670055][ T8230] gretap1: entered promiscuous mode
[  402.676578][ T8230] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  402.689087][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  402.708261][ T8230] bond2: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  402.754545][ T8230] bond2: left promiscuous mode
[  402.813537][ T8230] gretap1: left promiscuous mode
[  404.453068][ T8275] loop0: detected capacity change from 0 to 2048
[  404.480287][ T8275] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  404.743800][ T8282] loop1: detected capacity change from 0 to 128
[  404.754037][ T8282] EXT4-fs: Ignoring removed nobh option
[  405.592322][ T8282] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  405.604929][ T8282] ext4 filesystem being mounted at /136/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  406.152583][ T5789] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  408.314543][ T8312] netlink: 'syz.1.576': attribute type 10 has an invalid length.
[  408.337380][ T8319] loop2: detected capacity change from 0 to 1024
[  408.355938][ T8319] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  408.369482][ T8312] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  408.525660][ T8316] netlink: 8 bytes leftover after parsing attributes in process `syz.3.581'.
[  408.534883][ T8316] netlink: 12 bytes leftover after parsing attributes in process `syz.3.581'.
[  408.543889][ T8316] netlink: 'syz.3.581': attribute type 18 has an invalid length.
[  408.557414][ T8316] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  408.566539][ T8316] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  408.575303][ T8316] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  408.584312][ T8316] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  408.607647][ T8316] netlink: 8 bytes leftover after parsing attributes in process `syz.3.581'.
[  408.616865][ T8316] netlink: 12 bytes leftover after parsing attributes in process `syz.3.581'.
[  408.632471][ T8316] netlink: 'syz.3.581': attribute type 18 has an invalid length.
[  411.562479][ T8341] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  411.588717][ T8341] CIFS mount error: No usable UNC path provided in device string!
[  411.588717][ T8341] 
[  411.704138][ T8341] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  412.189637][   T28] audit: type=1107 audit(1763659105.283:125): pid=8332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  420.045254][ T8399] bridge0: port 3(gretap0) entered blocking state
[  420.053594][ T8399] bridge0: port 3(gretap0) entered disabled state
[  420.060460][ T8399] gretap0: entered allmulticast mode
[  420.068140][ T8399] gretap0: entered promiscuous mode
[  420.074535][ T8399] bridge0: port 3(gretap0) entered blocking state
[  420.081606][ T8399] bridge0: port 3(gretap0) entered forwarding state
[  420.094820][ T8399] gretap0: left allmulticast mode
[  420.099890][ T8399] gretap0: left promiscuous mode
[  420.105286][ T8399] bridge0: port 3(gretap0) entered disabled state
[  420.626354][ T8402] loop0: detected capacity change from 0 to 1024
[  420.686411][ T8402] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  420.824257][ T8402] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  420.840984][ T8402] ext4 filesystem being mounted at /151/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  420.893540][ T8409] loop1: detected capacity change from 0 to 64
[  422.911963][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.950810][ T8409] hfs: unable to locate alternate MDB
[  422.984443][ T8409] hfs: continuing without an alternate MDB
[  423.147196][ T8423] loop0: detected capacity change from 0 to 512
[  423.191988][ T8423] EXT4-fs: Ignoring removed mblk_io_submit option
[  423.302518][ T8423] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  423.468936][ T8423] EXT4-fs (loop0): DAX unsupported by block device.
[  424.465198][ T8435] loop1: detected capacity change from 0 to 512
[  425.223457][ T8435] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  425.264473][ T8435] ext4 filesystem being mounted at /142/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  425.418750][ T8451] netlink: 12 bytes leftover after parsing attributes in process `syz.3.616'.
[  425.432892][ T8451] netlink: 4 bytes leftover after parsing attributes in process `syz.3.616'.
[  427.017224][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  428.079574][ T8473] overlayfs: failed to clone upperpath
[  429.931097][ T5830] Process accounting resumed
[  430.033890][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  430.167763][ T8502] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  430.669940][ T8500] syzkaller0: entered promiscuous mode
[  430.750179][ T8500] syzkaller0: entered allmulticast mode
[  431.182810][ T8510] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  431.219138][ T8500] tipc: Resetting bearer <eth:syzkaller0>
[  431.242232][ T8516] netlink: 12 bytes leftover after parsing attributes in process `syz.3.627'.
[  431.272164][ T8499] tipc: Resetting bearer <eth:syzkaller0>
[  431.295049][ T8499] tipc: Disabling bearer <eth:syzkaller0>
[  431.307903][ T8516] netlink: 4 bytes leftover after parsing attributes in process `syz.3.627'.
[  432.196186][ T8529] loop2: detected capacity change from 0 to 128
[  432.206088][ T8529] EXT4-fs: Ignoring removed nobh option
[  432.524903][ T8529] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  432.975455][ T8529] ext4 filesystem being mounted at /146/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  433.248048][ T5785] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  433.388157][ T8495] Process accounting resumed
[  435.249930][ T8566] netlink: 12 bytes leftover after parsing attributes in process `syz.1.638'.
[  435.289517][ T8566] netlink: 4 bytes leftover after parsing attributes in process `syz.1.638'.
[  440.473057][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  440.479417][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  443.741308][ T8647] netlink: 4 bytes leftover after parsing attributes in process `syz.0.654'.
[  447.694869][ T8665] netlink: 12 bytes leftover after parsing attributes in process `syz.1.660'.
[  447.808150][ T8672] netlink: 4 bytes leftover after parsing attributes in process `syz.1.660'.
[  450.432928][ T8704] IPv6: Can't replace route, no match found
[  452.098454][ T8715] netlink: 4 bytes leftover after parsing attributes in process `syz.1.671'.
[  452.168167][ T8715] netlink: 4 bytes leftover after parsing attributes in process `syz.1.671'.
[  452.889662][ T8720] netlink: 12 bytes leftover after parsing attributes in process `syz.3.673'.
[  452.900554][ T8729] netlink: 4 bytes leftover after parsing attributes in process `syz.3.673'.
[  453.679958][ T8740] netlink: 'syz.1.675': attribute type 1 has an invalid length.
[  453.687757][ T8740] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.675'.
[  457.909224][ T8773] loop2: detected capacity change from 0 to 1024
[  459.803385][ T8773] hfsplus: unable to find HFS+ superblock
[  459.981068][ T8780] netlink: 4 bytes leftover after parsing attributes in process `syz.3.684'.
[  460.089207][ T8779] netlink: 4 bytes leftover after parsing attributes in process `syz.3.684'.
[  461.884801][ T8804] xt_ipcomp: unknown flags 12
[  462.500163][ T8816] loop1: detected capacity change from 0 to 512
[  462.507621][ T8816] EXT4-fs: Ignoring removed mblk_io_submit option
[  462.522825][ T8816] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  462.551701][ T8816] EXT4-fs (loop1): DAX unsupported by block device.
[  463.520712][ T8820] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  464.012019][ T8815] netlink: 'syz.3.695': attribute type 10 has an invalid length.
[  464.051252][ T8815] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  465.609004][ T8836] loop1: detected capacity change from 0 to 1024
[  466.386544][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  466.774621][ T8836] hfsplus: unable to find HFS+ superblock
[  469.218746][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  469.518736][ T8869] netlink: 100 bytes leftover after parsing attributes in process `syz.3.708'.
[  471.044843][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  471.235992][ T8874] netlink: 'syz.0.710': attribute type 10 has an invalid length.
[  472.696884][ T8884] loop1: detected capacity change from 0 to 1024
[  473.645469][ T8884] hfsplus: unable to find HFS+ superblock
[  477.038037][ T5797] Bluetooth: hci3: Malformed Event: 0x02
[  478.001598][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  478.870000][ T8920] loop0: detected capacity change from 0 to 512
[  478.912022][ T8920] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.721: inode has both inline data and extents flags
[  478.957631][ T8920] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.721: couldn't read orphan inode 15 (err -117)
[  479.052363][ T8920] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  480.423421][ T5797] Bluetooth: hci2: unexpected subevent 0x1a length: 10 > 6
[  480.728907][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  481.504142][ T8943] loop0: detected capacity change from 0 to 2048
[  481.731358][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  481.738798][ T8952] loop2: detected capacity change from 0 to 256
[  481.789025][ T8943] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  481.851894][ T8952] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  481.887237][ T8952] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  481.902986][ T8952] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  484.009329][ T5790] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  484.281565][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  484.325621][ T8971] x_tables: duplicate underflow at hook 3
[  488.102179][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  493.265352][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  498.119064][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  501.855820][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  501.862314][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  502.692706][ T9129] loop1: detected capacity change from 0 to 2048
[  502.919495][ T9129] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  504.598651][ T9146] trusted_key: syz.2.771 sent an empty control message without MSG_MORE.
[  506.848925][ T9166] netlink: 4 bytes leftover after parsing attributes in process `syz.2.776'.
[  507.465531][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  511.945817][ T9207] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  511.954653][ T9207] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  511.963438][ T9207] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  511.972306][ T9207] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  512.732468][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  512.775415][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  513.928763][ T9237] loop2: detected capacity change from 0 to 2048
[  514.401023][ T9237] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  514.505720][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  518.578218][ T9268] sctp: failed to load transform for md5: -2
[  519.518475][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  519.574990][ T9292] loop2: detected capacity change from 0 to 4096
[  519.588179][ T9292] ext4: Unknown parameter 'noacl'
[  519.838424][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  520.295297][ T9303] loop1: detected capacity change from 0 to 128
[  520.337296][ T9303] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  520.425162][ T9303] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  521.115841][ T9309] sctp: [Deprecated]: syz.2.806 (pid 9309) Use of struct sctp_assoc_value in delayed_ack socket option.
[  521.115841][ T9309] Use struct sctp_sack_info instead
[  522.684587][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  524.252553][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  524.286633][ T9330] debugfs: Directory 'pty24' with parent 'caif_serial' already present!
[  527.080925][ T9357] sctp: [Deprecated]: syz.1.818 (pid 9357) Use of struct sctp_assoc_value in delayed_ack socket option.
[  527.080925][ T9357] Use struct sctp_sack_info instead
[  528.423031][ T9367] loop2: detected capacity change from 0 to 4096
[  530.030248][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  534.550128][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  535.876012][ T9451] loop2: detected capacity change from 0 to 128
[  536.189282][ T9454] loop0: detected capacity change from 0 to 2048
[  536.446108][ T9454] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  536.649091][ T9451] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  541.581979][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  541.593167][ T5797] Bluetooth: hci3: Malformed Event: 0x02
[  542.034915][ T9494] loop2: detected capacity change from 0 to 2048
[  542.503095][ T9494] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  542.576009][ T9496] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  543.057503][ T5797] Bluetooth: hci3: Malformed Event: 0x02
[  545.595906][ T9520] 9pnet_virtio: no channels available for device 
[  548.459754][ T9530] Process accounting resumed
[  549.477250][ T9545] loop0: detected capacity change from 0 to 2048
[  549.549475][ T9543] loop1: detected capacity change from 0 to 2048
[  550.170684][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  550.196246][ T9543] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  550.220520][ T9545] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  550.398790][ T9552] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  551.169637][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  552.432293][ T9583] Process accounting resumed
[  555.411645][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  556.503627][ T9628] loop2: detected capacity change from 0 to 16
[  556.630544][ T9628] erofs: (device loop2): erofs_read_inode: unsupported i_format 128 of nid 36
[  557.400983][ T9644] loop0: detected capacity change from 0 to 128
[  557.793127][ T9644] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  557.862532][ T9640] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  559.471727][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  561.030701][ T9701] loop2: detected capacity change from 0 to 128
[  561.071085][ T9701] ext4: Unknown parameter 'obj_role'
[  561.402327][ T9706] nbd: must specify an index to disconnect
[  563.380046][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  563.387102][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  568.210046][ T9749] openvswitch: netlink: Message has 16 unknown bytes.
[  573.805373][ T5830] Process accounting resumed
[  574.091545][ T9792] loop0: detected capacity change from 0 to 16
[  574.124613][ T9792] erofs: (device loop0): mounted with root inode @ nid 36.
[  576.373867][ T9815] netlink: 4 bytes leftover after parsing attributes in process `syz.0.916'.
[  576.424733][ T9815] netlink: 4 bytes leftover after parsing attributes in process `syz.0.916'.
[  576.568753][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  580.120670][ T9848] loop2: detected capacity change from 0 to 128
[  580.136211][ T9848] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  580.219653][ T9848] UDF-fs: error (device loop2): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  580.917138][ T9862] loop1: detected capacity change from 0 to 4096
[  581.253145][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  592.693170][   T28] audit: type=1326 audit(1763666967.622:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9959 comm="syz.1.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  592.830932][   T28] audit: type=1326 audit(1763666967.632:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9959 comm="syz.1.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  592.853684][   T28] audit: type=1326 audit(1763666967.632:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9959 comm="syz.1.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  592.935386][   T28] audit: type=1326 audit(1763666967.652:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9959 comm="syz.1.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6f4c18f783 code=0x7ffc0000
[  593.001599][   T28] audit: type=1326 audit(1763666967.652:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9959 comm="syz.1.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6f4c18f783 code=0x7ffc0000
[  593.239897][ T9967] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  594.376421][   T28] audit: type=1326 audit(1763666967.832:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9959 comm="syz.1.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  594.424120][   T28] audit: type=1326 audit(1763666967.832:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9959 comm="syz.1.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  595.000055][   T28] audit: type=1326 audit(1763666967.842:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9959 comm="syz.1.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  595.006029][ T9964] loop1: detected capacity change from 0 to 512
[  595.030241][ T9960] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  595.816966][ T9964] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  596.352087][   T28] audit: type=1326 audit(1763666967.842:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9959 comm="syz.1.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  596.384977][   T28] audit: type=1326 audit(1763666967.842:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9959 comm="syz.1.954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f4c18f749 code=0x7ffc0000
[  596.813395][ T9960] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  596.855736][ T9964] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  596.924625][ T9964] EXT4-fs: failed to create workqueue
[  596.971031][ T9964] EXT4-fs (loop1): mount failed
[  597.986588][ T9988] netlink: 12 bytes leftover after parsing attributes in process `syz.0.960'.
[  598.039612][ T9988] netlink: 4 bytes leftover after parsing attributes in process `syz.0.960'.
[  598.062963][ T9988] bond2 (unregistering): Released all slaves
[  598.116719][ T9991] loop1: detected capacity change from 0 to 128
[  598.161005][ T9991] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  598.295799][ T9991] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  598.652632][ T9993] loop2: detected capacity change from 0 to 32768
[  598.719028][ T9993] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.961 (9993)
[  599.105456][ T9993] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  599.115935][ T9993] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  599.124983][ T9993] BTRFS info (device loop2): using free space tree
[  599.217951][ T9993] BTRFS info (device loop2): enabling ssd optimizations
[  599.224997][ T9993] BTRFS info (device loop2): auto enabling async discard
[  600.793712][   T28] kauditd_printk_skb: 21 callbacks suppressed
[  600.793766][   T28] audit: type=1800 audit(1763666974.992:157): pid=10019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.961" name="file2" dev="loop2" ino=261 res=0 errno=0
[  601.928438][T10026] syz_tun: entered allmulticast mode
[  602.983531][ T5785] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  603.751145][ T9776] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop2 scanned by udevd (9776)
[  604.818289][T10051] loop1: detected capacity change from 0 to 2048
[  604.856225][T10051] NILFS (loop1): invalid segment: Inconsistency found
[  604.882570][T10051] NILFS (loop1): trying rollback from an earlier position
[  605.170088][T10051] NILFS (loop1): recovery complete
[  605.221170][T10059] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  605.641837][T10072] xt_socket: unknown flags 0x50
[  605.935643][T10072] overlayfs: missing 'lowerdir'
[  609.659537][T10115] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  609.807532][  T788] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  611.201078][  T788] usb 2-1: Using ep0 maxpacket: 16
[  611.215414][  T788] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  611.226999][  T788] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  611.238972][  T788] usb 2-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  611.248447][  T788] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  611.268070][  T788] usb 2-1: config 0 descriptor??
[  611.590866][  T788] IPVS: starting estimator thread 0...
[  611.597408][T10106] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  611.634817][  T788] usb 2-1: USB disconnect, device number 2
[  611.673554][T10133] netlink: 4 bytes leftover after parsing attributes in process `syz.0.992'.
[  611.702711][T10131] IPVS: using max 20 ests per chain, 48000 per kthread
[  611.703807][T10133] netlink: 4 bytes leftover after parsing attributes in process `syz.0.992'.
[  616.642503][T10190] loop2: detected capacity change from 0 to 1024
[  616.649922][T10190] EXT4-fs: Ignoring removed orlov option
[  617.467850][T10190] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  617.615352][T10190] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  618.923784][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  619.395664][T10205] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1012'.
[  619.472922][T10205] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1012'.
[  619.489981][T10205] bond2 (unregistering): Released all slaves
[  621.878779][T10231] netlink: 'syz.0.1018': attribute type 1 has an invalid length.
[  623.257759][T10245] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1021'.
[  623.282417][T10245] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1021'.
[  623.303613][T10247] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1022'.
[  623.376849][T10247] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1022'.
[  623.404463][T10247] bond3 (unregistering): Released all slaves
[  624.681558][T10266] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1026'.
[  624.693121][T10266] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1026'.
[  624.703053][T10266] netlink: 'syz.1.1026': attribute type 18 has an invalid length.
[  624.875525][T10266] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1026'.
[  624.885034][T10266] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1026'.
[  624.894582][T10266] netlink: 'syz.1.1026': attribute type 18 has an invalid length.
[  625.281152][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  625.920829][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  628.791238][T10299] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1035'.
[  629.561577][T10303] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1035'.
[  629.762798][T10303] bond3 (unregistering): Released all slaves
[  632.447324][T10343] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1046'.
[  632.727042][T10343] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1046'.
[  633.491267][T10353] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1049'.
[  633.544489][T10353] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1049'.
[  633.557099][T10353] bond3 (unregistering): Released all slaves
[  634.402580][T10364] loop1: detected capacity change from 0 to 128
[  634.803213][T10364] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  634.830096][T10364] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  635.241370][T10385] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1058'.
[  635.270247][T10385] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1058'.
[  635.472971][T10388] loop2: detected capacity change from 0 to 128
[  636.092509][T10388] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  637.325527][T10404] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1062'.
[  637.795021][T10404] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1062'.
[  637.809574][T10404] bond2 (unregistering): Released all slaves
[  638.245881][T10414] loop2: detected capacity change from 0 to 2048
[  638.294685][T10414] NILFS (loop2): invalid segment: Inconsistency found
[  638.333505][T10414] NILFS (loop2): trying rollback from an earlier position
[  638.376570][T10414] NILFS (loop2): recovery complete
[  638.504807][T10418] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  638.876077][T10421] loop1: detected capacity change from 0 to 128
[  638.982131][T10421] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  639.481578][T10429] xt_socket: unknown flags 0x50
[  639.489880][T10429] overlayfs: missing 'lowerdir'
[  642.877649][T10455] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1075'.
[  643.119666][T10455] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1075'.
[  643.356904][T10455] bond3 (unregistering): Released all slaves
[  646.507879][T10493] overlayfs: missing 'lowerdir'
[  646.746398][T10492] xt_socket: unknown flags 0x50
[  653.156655][T10543] netlink: 'syz.3.1096': attribute type 3 has an invalid length.
[  654.385018][T10562] loop1: detected capacity change from 0 to 128
[  656.734270][T10562] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  657.496843][T10568] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1101'.
[  658.562106][T10568] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1101'.
[  658.658278][T10568] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1101'.
[  658.702748][T10568] bond3 (unregistering): Released all slaves
[  664.651217][T10634] loop1: detected capacity change from 0 to 128
[  664.793010][T10634] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  665.229025][T10649] loop2: detected capacity change from 0 to 128
[  665.250311][T10649] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  666.001249][T10656] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1118'.
[  666.019691][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  666.969669][T10662] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1118'.
[  666.984945][T10665] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1118'.
[  667.004619][T10665] bond3 (unregistering): Released all slaves
[  667.385583][ T5797] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  668.951767][T10679] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  671.443022][ T5787] Bluetooth: hci3: Malformed Event: 0x02
[  675.909024][ T5787] Bluetooth: hci2: Malformed Event: 0x02
[  679.110861][T10785] loop1: detected capacity change from 0 to 128
[  679.362545][T10785] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  679.398988][T10783] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  680.900992][ T5787] Bluetooth: hci3: Malformed Event: 0x02
[  683.679390][T10829] loop2: detected capacity change from 0 to 128
[  683.692691][T10829] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  683.748285][T10829] UDF-fs: error (device loop2): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  685.533365][ T5787] Bluetooth: hci2: Malformed Event: 0x02
[  686.164256][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  686.232672][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  687.683181][T10884] (null): rxe_set_mtu: Set mtu to 1024
[  687.697716][T10884] wg2 speed is unknown, defaulting to 1000
[  687.722158][T10884] wg2 speed is unknown, defaulting to 1000
[  687.739000][T10884] wg2 speed is unknown, defaulting to 1000
[  688.231317][T10884] infiniband syz2: set active
[  688.236452][T10884] infiniband syz2: added wg2
[  688.244327][T10884] syz2: rxe_create_cq: returned err = -12
[  688.250771][T10884] infiniband syz2: Couldn't create ib_mad CQ
[  688.257003][T10884] infiniband syz2: Couldn't open port 1
[  688.286734][T10884] RDS/IB: syz2: added
[  688.291881][T10884] smc: adding ib device syz2 with port count 1
[  688.298224][T10884] smc:    ib device syz2 port 1 has pnetid 
[  688.306505][T10884] wg2 speed is unknown, defaulting to 1000
[  688.392644][T10884] wg2 speed is unknown, defaulting to 1000
[  688.476226][T10884] wg2 speed is unknown, defaulting to 1000
[  688.559049][T10884] wg2 speed is unknown, defaulting to 1000
[  688.695293][   T23] wg2 speed is unknown, defaulting to 1000
[  688.708354][   T23] wg2 speed is unknown, defaulting to 1000
[  694.576223][ T5787] Bluetooth: hci2: Malformed Event: 0x02
[  700.135703][T10963] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1185'.
[  701.455880][T10970] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1187'.
[  701.993999][T10982] loop2: detected capacity change from 0 to 512
[  702.001730][T10982] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  702.357628][T10980] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  706.255306][T11011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1195'.
[  707.400820][T11041] dvmrp1: entered allmulticast mode
[  709.352443][T11054] loop1: detected capacity change from 0 to 8
[  709.737462][T11054] SQUASHFS error: lzo decompression failed, data probably corrupt
[  709.746376][T11054] SQUASHFS error: Failed to read block 0x91: -5
[  709.752753][T11054] SQUASHFS error: Unable to read metadata cache entry [8f]
[  709.759983][T11054] SQUASHFS error: Unable to read inode 0x11f
[  711.411426][T11069] wg1: entered promiscuous mode
[  711.416341][T11069] wg1: entered allmulticast mode
[  715.771363][T11099] loop1: detected capacity change from 0 to 2048
[  715.842744][T11099] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  716.938950][T11105] wg2 speed is unknown, defaulting to 1000
[  720.536698][T11128] loop1: detected capacity change from 0 to 1024
[  720.638111][T11128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  721.592867][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.686564][T11143] netlink: 'syz.3.1222': attribute type 4 has an invalid length.
[  721.806960][T11146] netlink: 'syz.3.1222': attribute type 17 has an invalid length.
[  724.203136][T11172] tipc: Started in network mode
[  724.208252][T11172] tipc: Node identity 4, cluster identity 4711
[  724.214648][T11172] tipc: Node number set to 4
[  724.306332][T11174] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  724.470199][T11174] bridge_slave_0: left allmulticast mode
[  724.513748][T11174] bridge_slave_0: left promiscuous mode
[  724.519568][T11174] bridge0: port 1(bridge_slave_0) entered disabled state
[  724.548320][T11174] bridge_slave_1: left allmulticast mode
[  724.554232][T11174] bridge_slave_1: left promiscuous mode
[  724.560454][T11174] bridge0: port 2(bridge_slave_1) entered disabled state
[  724.575309][T11174] bond0: (slave bond_slave_0): Releasing backup interface
[  725.261649][T11174] bond0: (slave bond_slave_1): Releasing backup interface
[  726.299737][T11174] team0: Port device team_slave_0 removed
[  726.354095][T11174] team0: Port device team_slave_1 removed
[  726.379911][T11174] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  726.396013][T11174] batman_adv: batadv0: Removing interface: batadv_slave_0
[  726.407128][T11174] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  726.433544][T11174] batman_adv: batadv0: Removing interface: batadv_slave_1
[  726.487570][T11174] bond1: (slave bridge1): Releasing active interface
[  726.646048][T11182] netlink: 'syz.2.1232': attribute type 10 has an invalid length.
[  726.668743][T11182] mac80211_hwsim hwsim3 wlan1: left allmulticast mode
[  726.692995][T11182] 8021q: adding VLAN 0 to HW filter on device bond0
[  726.712618][T11182] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  738.806507][ T5797] Bluetooth: hci3: Malformed Event: 0x02
[  741.864622][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  745.760974][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  747.591864][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  747.604251][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  752.426068][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  752.668666][T11406] overlayfs: bad index found (index=index/00fb210001a47ef261ea234313849bbb8fd05e4e421158fd02c906000000000000, ftype=2000, origin ftype=a000).
[  753.114212][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  758.178016][T11442] loop2: detected capacity change from 0 to 32768
[  758.358505][T11442] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  758.635573][T11442] XFS (loop2): Ending clean mount
[  760.113718][T11465] loop1: detected capacity change from 0 to 256
[  760.145190][ T5785] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  760.259819][T11465] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  761.199612][ T5797] Bluetooth: hci3: Malformed Event: 0x02
[  761.379874][T11475] loop1: detected capacity change from 0 to 4096
[  761.381515][ T5797] Bluetooth: hci3: Malformed Event: 0x02
[  761.431167][T11481] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  761.464421][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  762.627692][T11492] xt_ecn: cannot match TCP bits for non-tcp packets
[  766.081141][ T5797] Bluetooth: hci3: Malformed Event: 0x02
[  766.166565][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  766.187171][ T5787] Bluetooth: hci0: Malformed Event: 0x02
[  770.786011][ T5797] Bluetooth: hci3: Malformed Event: 0x02
[  771.572593][ T5797] Bluetooth: hci3: Malformed Event: 0x02
[  771.710454][T11575] loop2: detected capacity change from 0 to 512
[  772.875578][T11575] EXT4-fs (loop2): 1 orphan inode deleted
[  772.882886][T11575] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  772.922720][T11575] ext4 filesystem being mounted at /308/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  773.072775][T11575] syz.2.1326 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  773.272780][ T6774] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  773.282795][ T6774] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u4:21: Failed to release dquot type 1
[  773.359289][ T5797] Bluetooth: hci3: unexpected event for opcode 0x0000
[  773.480239][T11592] ceph: No mds server is up or the cluster is laggy
[  774.916300][T11605] IPVS: lblc: FWM 3 0x00000003 - no destination available
[  775.942510][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  781.501074][ T5797] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  781.509828][ T5797] Bluetooth: hci3: Injecting HCI hardware error event
[  781.518685][ T5797] Bluetooth: hci3: hardware error 0x00
[  781.704810][T11523] Bluetooth: hci2: Malformed Event: 0x02
[  784.531213][ T5797] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  788.194897][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  790.276420][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  794.901058][T11810] loop2: detected capacity change from 0 to 512
[  794.908329][T11810] EXT4-fs: Ignoring removed nomblk_io_submit option
[  794.930225][T11810] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  795.071474][T11810] EXT4-fs (loop2): 1 truncate cleaned up
[  795.078375][T11810] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  797.239460][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  799.274931][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  799.501635][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  805.348028][T11929] loop2: detected capacity change from 0 to 512
[  805.867080][T11929] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  806.158588][T11929] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1399: iget: bogus i_mode (5)
[  806.396224][T11929] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1399: couldn't read orphan inode 15 (err -117)
[  806.441218][T11929] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  806.455331][T11929] ext2 filesystem being mounted at /324/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  809.125174][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  809.136704][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  809.467871][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  813.436857][T11979] wg2 speed is unknown, defaulting to 1000
[  814.274843][T11985] loop2: detected capacity change from 0 to 1024
[  814.287112][T11985] EXT4-fs: Ignoring removed oldalloc option
[  814.293857][T11985] EXT4-fs: Ignoring removed orlov option
[  814.755150][T11985] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  814.930326][T11985] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  815.507404][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  817.577064][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  818.604795][T12020] loop1: detected capacity change from 0 to 128
[  818.645146][T12020] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  818.665541][T12020] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  819.924298][T12038] loop1: detected capacity change from 0 to 512
[  819.990338][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  819.994128][T12038] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  820.147426][T12038] ext4 filesystem being mounted at /340/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  820.577851][ T5797] Bluetooth: hci2: Invalid connection link type handle 0x00c9
[  821.241590][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  821.715369][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  824.917784][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  825.481018][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  825.609502][ T5797] Bluetooth: hci1: Invalid connection link type handle 0x00c9
[  826.683394][T12120] loop1: detected capacity change from 0 to 128
[  826.740712][T12120] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  826.782767][T12113] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  829.610377][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  833.427058][T12177] loop1: detected capacity change from 0 to 4096
[  833.602006][T12177] ntfs3: loop1: Failed to initialize $Extend/$ObjId.
[  836.820340][T12216] loop2: detected capacity change from 0 to 128
[  836.854412][T12216] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  836.885683][T12216] UDF-fs: error (device loop2): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  836.932833][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  842.777205][T12281] wg2 speed is unknown, defaulting to 1000
[  844.673186][T12284] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  844.782228][T12284] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  844.883598][T12284] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  844.895273][T12284] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  844.942518][T12284] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  844.975058][T12284] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  846.164663][ T5797] Bluetooth: hci0: command 0x0406 tx timeout
[  847.814503][T11523] Bluetooth: hci2: command 0x0406 tx timeout
[  847.821013][ T5797] Bluetooth: hci1: command 0x0406 tx timeout
[  848.367352][T12308] loop2: detected capacity change from 0 to 128
[  848.388352][T11523] Bluetooth: hci0: command 0x0406 tx timeout
[  848.420440][T12308] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  848.445823][T12308] UDF-fs: error (device loop2): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  849.104998][T12318] wg1: entered promiscuous mode
[  849.110334][T12318] wg1: entered allmulticast mode
[  849.752995][T12316] ªªªªªª: renamed from wg2 (while UP)
[  850.284402][ T5797] Bluetooth: hci1: command 0x0406 tx timeout
[  850.290889][T11523] Bluetooth: hci2: command 0x0406 tx timeout
[  850.819269][T11523] Bluetooth: hci2: Malformed Event: 0x02
[  851.570704][T12341] raw_sendmsg: syz.1.1493 forgot to set AF_INET. Fix it!
[  852.301818][T12351] loop2: detected capacity change from 0 to 256
[  852.321840][T12351] FAT-fs (loop2): Unrecognized mount option "shor†name=mixed" or missing value
[  855.948202][T11523] Bluetooth: hci0: Malformed Event: 0x02
[  857.246481][T12383] nvme_fabrics: missing parameter 'transport=%s'
[  857.253580][T12383] nvme_fabrics: missing parameter 'nqn=%s'
[  857.859503][T12399] netlink: 'syz.2.1508': attribute type 1 has an invalid length.
[  857.867440][T12399] netlink: 'syz.2.1508': attribute type 2 has an invalid length.
[  859.523429][T12407] loop1: detected capacity change from 0 to 1024
[  859.537562][T12407] EXT4-fs: Ignoring removed oldalloc option
[  859.544107][T12407] EXT4-fs: Ignoring removed orlov option
[  859.643499][T12407] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  860.166313][T12407] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  860.964221][ T5789] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  863.718463][T11523] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  864.222620][T12445] loop2: detected capacity change from 0 to 4096
[  864.662289][T12455] dvmrp1: entered allmulticast mode
[  865.644950][T12445] ntfs3: loop2: Failed to initialize $Extend/$ObjId.
[  867.731256][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  870.461288][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  870.467647][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  870.547146][T12497] xt_CT: You must specify a L4 protocol and not use inversions on it
[  873.996529][T12538] netlink: 108 bytes leftover after parsing attributes in process `syz.3.1543'.
[  875.780399][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  877.364380][T12564] loop1: detected capacity change from 0 to 256
[  877.427976][T12564] FAT-fs (loop1): Unrecognized mount option "shor†name=mixed" or missing value
[  878.096094][T12580] wg2 speed is unknown, defaulting to 1000
[  881.222189][T12604] loop1: detected capacity change from 0 to 128
[  881.230939][T12604] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  881.314687][T12604] UDF-fs: error (device loop1): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  884.275522][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  885.215712][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  885.833400][T12659] loop2: detected capacity change from 0 to 8
[  885.946861][T12659] SQUASHFS error: lzo decompression failed, data probably corrupt
[  885.955026][T12659] SQUASHFS error: Failed to read block 0x91: -5
[  885.961393][T12659] SQUASHFS error: Unable to read metadata cache entry [8f]
[  885.968589][T12659] SQUASHFS error: Unable to read inode 0x11f
[  888.403551][T12689] xt_CT: You must specify a L4 protocol and not use inversions on it
[  889.053180][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  889.068218][ T5797] Bluetooth: hci1: Malformed Event: 0x02
[  890.265964][T12703] loop2: detected capacity change from 0 to 64
[  890.305153][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  890.398171][T12703] hfs: get root inode failed
[  896.536668][T12749] No source specified
[  896.916809][T12763] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  896.992720][T12763] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  897.082410][T12765] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  897.099042][T12763] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  897.114354][T12763] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1589'.
[  897.866819][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  900.946301][T12799] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1598'.
[  901.694574][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  902.806439][T12812] wg2 speed is unknown, defaulting to 1000
[  907.460251][T12854] overlayfs: failed to clone upperpath
[  910.957265][T12882] dvmrp1: left allmulticast mode
[  911.597708][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  914.491804][ T5797] Bluetooth: hci2: Malformed Event: 0x02
[  915.834043][T12917] overlayfs: failed to clone upperpath
[  917.268882][T12938] dvmrp1: left allmulticast mode
[  917.594185][T12915] wg2 speed is unknown, defaulting to 1000
[  920.131028][ T5797] Bluetooth: hci0: Malformed Event: 0x02
[  921.325771][T12988] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  921.396963][T12988] ------------[ cut here ]------------
[  921.403497][T12988] WARNING: CPU: 0 PID: 12988 at net/mac80211/chan.c:2022 ieee80211_link_release_channel+0x154/0x180
[  921.414904][T12988] Modules linked in:
[  921.418863][T12988] CPU: 0 PID: 12988 Comm: syz.1.1639 Not tainted syzkaller #0
[  921.426756][T12988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  921.438565][T12988] RIP: 0010:ieee80211_link_release_channel+0x154/0x180
[  921.445925][T12988] Code: 7c 2d 00 00 74 08 48 89 df e8 68 39 e9 f7 bf 60 1e 00 00 48 03 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 41 b1 83 00 e8 fc dd 91 f7 <0f> 0b eb c5 48 c7 c1 1c c2 4a 8e 80 e1 07 80 c1 03 38 c1 0f 8c 51
[  921.466166][T12988] RSP: 0018:ffffc900053cf978 EFLAGS: 00010283
[  921.472857][T12988] RAX: ffffffff89f3b194 RBX: ffff88805c845598 RCX: 0000000000080000
[  921.481281][T12988] RDX: ffffc9000ccf9000 RSI: 000000000001e537 RDI: 000000000001e538
[  921.489662][T12988] RBP: 0000000000000000 R08: ffffffff8e4a8d6f R09: 1ffffffff1c951ad
[  921.498094][T12988] R10: dffffc0000000000 R11: fffffbfff1c951ae R12: ffff88805c846c08
[  921.506688][T12988] R13: 1ffff1100b908ab3 R14: ffff88805c8463c0 R15: dffffc0000000000
[  921.514987][T12988] FS:  00007f6f4d0226c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  921.524309][T12988] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  921.531013][T12988] CR2: fffffffffffffffd CR3: 0000000051c72000 CR4: 00000000003506f0
[  921.539034][T12988] Call Trace:
[  921.542407][T12988]  <TASK>
[  921.545376][T12988]  ieee80211_if_change_type+0x211/0xa70
[  921.551033][T12988]  ? do_raw_spin_unlock+0x121/0x230
[  921.556281][T12988]  ? cfg80211_mgmt_registrations_update_wk+0xa0/0xa0
[  921.563131][T12988]  ? cfg80211_mlme_purge_registrations+0x1d4/0x210
[  921.569709][T12988]  ieee80211_change_iface+0x5c/0x4c0
[  921.575110][T12988]  cfg80211_change_iface+0x812/0xf30
[  921.580441][T12988]  cfg80211_wext_siwmode+0x1de/0x2a0
[  921.585833][T12988]  ? cfg80211_wext_giwname+0x30/0x30
[  921.591246][T12988]  ? apparmor_capable+0x137/0x1a0
[  921.596313][T12988]  ? cfg80211_wext_giwname+0x30/0x30
[  921.601886][T12988]  ioctl_standard_call+0xd8/0x2b0
[  921.606950][T12988]  ? cfg80211_wext_giwname+0x30/0x30
[  921.612572][T12988]  wext_ioctl_dispatch+0x1cb/0x5f0
[  921.617728][T12988]  ? wext_ioctl_dispatch+0x5f0/0x5f0
[  921.623362][T12988]  ? iw_handler_get_private+0x1f0/0x1f0
[  921.628949][T12988]  ? wext_handle_ioctl+0x1c0/0x1c0
[  921.634155][T12988]  ? __might_fault+0xaa/0x120
[  921.638860][T12988]  ? __might_fault+0xc6/0x120
[  921.643635][T12988]  ? __might_fault+0xaa/0x120
[  921.648342][T12988]  wext_handle_ioctl+0x108/0x1c0
[  921.653590][T12988]  ? call_commit_handler+0xf0/0xf0
[  921.658764][T12988]  sock_ioctl+0x160/0x7a0
[  921.663229][T12988]  ? sock_poll+0x3d0/0x3d0
[  921.667693][T12988]  ? bpf_lsm_file_ioctl+0x9/0x10
[  921.672732][T12988]  ? security_file_ioctl+0x80/0xa0
[  921.677882][T12988]  ? sock_poll+0x3d0/0x3d0
[  921.682419][T12988]  __se_sys_ioctl+0xfd/0x170
[  921.687047][T12988]  do_syscall_64+0x55/0xb0
[  921.691601][T12988]  ? clear_bhb_loop+0x40/0x90
[  921.696320][T12988]  ? clear_bhb_loop+0x40/0x90
[  921.701109][T12988]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  921.707045][T12988] RIP: 0033:0x7f6f4c18f749
[  921.711816][T12988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  921.731978][T12988] RSP: 002b:00007f6f4d022038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  921.740433][T12988] RAX: ffffffffffffffda RBX: 00007f6f4c3e5fa0 RCX: 00007f6f4c18f749
[  921.748521][T12988] RDX: 0000200000000000 RSI: 0000000000008b06 RDI: 0000000000000006
[  921.756605][T12988] RBP: 00007f6f4c213f91 R08: 0000000000000000 R09: 0000000000000000
[  921.764688][T12988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  921.772823][T12988] R13: 00007f6f4c3e6038 R14: 00007f6f4c3e5fa0 R15: 00007ffe13146888
[  921.780978][T12988]  </TASK>
[  921.784026][T12988] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  921.791314][T12988] CPU: 0 PID: 12988 Comm: syz.1.1639 Not tainted syzkaller #0
[  921.798768][T12988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  921.808819][T12988] Call Trace:
[  921.812096][T12988]  <TASK>
[  921.815023][T12988]  dump_stack_lvl+0x16c/0x230
[  921.819710][T12988]  ? show_regs_print_info+0x20/0x20
[  921.824930][T12988]  ? load_image+0x3b0/0x3b0
[  921.829463][T12988]  panic+0x2c0/0x710
[  921.833403][T12988]  ? bpf_jit_dump+0xd0/0xd0
[  921.837938][T12988]  __warn+0x2e0/0x470
[  921.841932][T12988]  ? ieee80211_link_release_channel+0x154/0x180
[  921.848206][T12988]  ? ieee80211_link_release_channel+0x154/0x180
[  921.854462][T12988]  report_bug+0x2be/0x4f0
[  921.858800][T12988]  ? ieee80211_link_release_channel+0x154/0x180
[  921.865046][T12988]  ? ieee80211_link_release_channel+0x154/0x180
[  921.871291][T12988]  ? ieee80211_link_release_channel+0x156/0x180
[  921.877531][T12988]  handle_bug+0xcf/0x120
[  921.881775][T12988]  exc_invalid_op+0x1a/0x50
[  921.886276][T12988]  asm_exc_invalid_op+0x1a/0x20
[  921.891121][T12988] RIP: 0010:ieee80211_link_release_channel+0x154/0x180
[  921.897973][T12988] Code: 7c 2d 00 00 74 08 48 89 df e8 68 39 e9 f7 bf 60 1e 00 00 48 03 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 41 b1 83 00 e8 fc dd 91 f7 <0f> 0b eb c5 48 c7 c1 1c c2 4a 8e 80 e1 07 80 c1 03 38 c1 0f 8c 51
[  921.918013][T12988] RSP: 0018:ffffc900053cf978 EFLAGS: 00010283
[  921.924080][T12988] RAX: ffffffff89f3b194 RBX: ffff88805c845598 RCX: 0000000000080000
[  921.932044][T12988] RDX: ffffc9000ccf9000 RSI: 000000000001e537 RDI: 000000000001e538
[  921.940014][T12988] RBP: 0000000000000000 R08: ffffffff8e4a8d6f R09: 1ffffffff1c951ad
[  921.947979][T12988] R10: dffffc0000000000 R11: fffffbfff1c951ae R12: ffff88805c846c08
[  921.955954][T12988] R13: 1ffff1100b908ab3 R14: ffff88805c8463c0 R15: dffffc0000000000
[  921.963929][T12988]  ? ieee80211_link_release_channel+0x154/0x180
[  921.970182][T12988]  ? ieee80211_link_release_channel+0x154/0x180
[  921.976431][T12988]  ieee80211_if_change_type+0x211/0xa70
[  921.981979][T12988]  ? do_raw_spin_unlock+0x121/0x230
[  921.987182][T12988]  ? cfg80211_mgmt_registrations_update_wk+0xa0/0xa0
[  921.993859][T12988]  ? cfg80211_mlme_purge_registrations+0x1d4/0x210
[  922.000368][T12988]  ieee80211_change_iface+0x5c/0x4c0
[  922.005655][T12988]  cfg80211_change_iface+0x812/0xf30
[  922.010948][T12988]  cfg80211_wext_siwmode+0x1de/0x2a0
[  922.016231][T12988]  ? cfg80211_wext_giwname+0x30/0x30
[  922.021523][T12988]  ? apparmor_capable+0x137/0x1a0
[  922.026551][T12988]  ? cfg80211_wext_giwname+0x30/0x30
[  922.031836][T12988]  ioctl_standard_call+0xd8/0x2b0
[  922.036896][T12988]  ? cfg80211_wext_giwname+0x30/0x30
[  922.042185][T12988]  wext_ioctl_dispatch+0x1cb/0x5f0
[  922.047303][T12988]  ? wext_ioctl_dispatch+0x5f0/0x5f0
[  922.052674][T12988]  ? iw_handler_get_private+0x1f0/0x1f0
[  922.058219][T12988]  ? wext_handle_ioctl+0x1c0/0x1c0
[  922.063327][T12988]  ? __might_fault+0xaa/0x120
[  922.068005][T12988]  ? __might_fault+0xc6/0x120
[  922.072675][T12988]  ? __might_fault+0xaa/0x120
[  922.077445][T12988]  wext_handle_ioctl+0x108/0x1c0
[  922.082386][T12988]  ? call_commit_handler+0xf0/0xf0
[  922.087533][T12988]  sock_ioctl+0x160/0x7a0
[  922.091862][T12988]  ? sock_poll+0x3d0/0x3d0
[  922.096280][T12988]  ? bpf_lsm_file_ioctl+0x9/0x10
[  922.101213][T12988]  ? security_file_ioctl+0x80/0xa0
[  922.106327][T12988]  ? sock_poll+0x3d0/0x3d0
[  922.110736][T12988]  __se_sys_ioctl+0xfd/0x170
[  922.115330][T12988]  do_syscall_64+0x55/0xb0
[  922.119744][T12988]  ? clear_bhb_loop+0x40/0x90
[  922.124506][T12988]  ? clear_bhb_loop+0x40/0x90
[  922.129188][T12988]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  922.135082][T12988] RIP: 0033:0x7f6f4c18f749
[  922.139495][T12988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  922.159103][T12988] RSP: 002b:00007f6f4d022038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  922.167520][T12988] RAX: ffffffffffffffda RBX: 00007f6f4c3e5fa0 RCX: 00007f6f4c18f749
[  922.175489][T12988] RDX: 0000200000000000 RSI: 0000000000008b06 RDI: 0000000000000006
[  922.183454][T12988] RBP: 00007f6f4c213f91 R08: 0000000000000000 R09: 0000000000000000
[  922.191422][T12988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  922.199388][T12988] R13: 00007f6f4c3e6038 R14: 00007f6f4c3e5fa0 R15: 00007ffe13146888
[  922.207389][T12988]  </TASK>
[  922.210711][T12988] Kernel Offset: disabled
[  922.215128][T12988] Rebooting in 86400 seconds..