last executing test programs:

2m38.827532365s ago: executing program 3 (id=634):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x10003}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)

2m37.35898484s ago: executing program 3 (id=639):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000540)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000a80)={0x0, 0xaf, "132bf2b2631e4a669e5ab545f4df3af85ad7e43ec2b129366fe8ac9c1291a08c84ed3776ca81ad429d1e191a9da28672a0c89918f82b3644e9a664401d7ec9e25042e90414c4f943f35b4c60700c72b70000000000000003505b51bb8eeb1449cf9d99e7b3adbe3558ce2d6936970000000000000033bb5d6df9ccad91e68ef25fc13090e1d4fc2762b409ab624c2226c25046ec660f62e30273f0f80710a31a7e77320f2f4a668a4d04c2660c33d5"}, &(0x7f0000000180)=0xb7)

2m36.347196469s ago: executing program 3 (id=650):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
shutdown(r0, 0x0)
writev(r0, &(0x7f0000000740)=[{&(0x7f0000000280)='X', 0x1}], 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
readv(r0, &(0x7f0000000e40)=[{&(0x7f0000000f40)=""/250, 0xff1}], 0x1)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x800, 0xffffffff, 0xbfdffffc}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x300)

2m31.747161448s ago: executing program 3 (id=655):
socket$inet6(0xa, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000140)='./file1\x00', 0x2208046, &(0x7f0000000b80)=ANY=[], 0x1, 0x2ab, &(0x7f0000000740)="$eJzs3U9rY1UUAPDz8q8ZXaSIG0XwgS5clalbN40ygtiVEkFdaHBmQJIwMIWAFUy76idw6ffwI7hx4zcQ3Aru2kXlycvL60vaxJYaU5j+fqsz995z73nvDukqJ1+/MRo8fpbE8env0W4nUduLvThLYjtqUTqKRgAAL46zLIu/sttkPqitvxoAYBOKv/+Fu64FANiMTz//4uPu/v6jT9K0Ha91Tsa9JCJGJ+NeMd99Gt/GMJ7Ew+jEeUR2oYib+aJGmtuOt0eTcS/PHH3162z/7p8R0/zd6MT21fwPP9p/tJsWLvJfKqtLo/u0Wf6jE68uz3/3cn6MJtFrxTtvzdW/E5347Zt4FsN4HHlulf/Dbpp+kP14+v2X+TF5flKL3tZ0XSWrb+ZGAAAAAAAAAAAAAAAAAAAAAAC4D3bSNCna90z79+RD0/454179fDq/k5bm+/tMyv5ASblR0R8oi1mLnkkWP5X9dR6maZrNFlb5jXi94YcFAAAAAAAAAAAAAAAAAAAAIHfw3eGgPxw+eb6WoOwGUH6t/7b77M2NvBmHg3599YZbNz+rcVQ9eF7rvy6ORiPW9FquCx7k9ax9563qcj+LIigvZq1nvfJ+senhoJ/OpsqXPOgn153VLi/u5/mpVvzXwrLpf4nzbPFO2xelLma11vQ2Wi8vnfo7y7Kb7fPeH8UdzUaSaYuNm53enAVLHzAP2lfv4pfVG678yKiv55MHAAAAAAAAAAAAAAAAAAC4rPrS75LJ4xVJxXjtfy0MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADao+v3/MmhHxOLIYtCskleuqYJWPD+4y+cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgfvgnAAD///PnTH8=")
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x6, 0x12, 0xffffffffffffffff, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000100)=@ocfs2_parent={0x18, 0x2, {{0x2, 0x5, 0xa}, {0xd082, 0xd, 0x9}}}, 0x201)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@gettclass={0x24, 0x2a, 0x400, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xfff3, 0xe}, {0xd, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x20008000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x8)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x437, 0x0, 0xffffffef, {0x0, 0x0, 0x0, r2, 0x50487, 0x80c4}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e21}, @IFLA_GRE_LINK={0x8, 0x1, r2}]}}}]}, 0x44}}, 0x20008884)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000001c0)=[{{&(0x7f0000000240)={0xa, 0x4e22, 0x6, @local, 0xa}, 0x1c, 0x0}}], 0x1, 0x2008c0c0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=@newtclass={0x24, 0x28, 0x10, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0xfff1, 0xffff}, {0x6, 0xfff3}, {0x6, 0x8}}}, 0x24}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2m29.596648093s ago: executing program 3 (id=658):
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
splice(r1, 0x0, r0, 0x0, 0x401, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000180)={[{@errors_remount}]}, 0xfe, 0x274, &(0x7f0000000980)="$eJzs3b9rJGUcB+Dv7I/EmBCiNjaKICIaCLEQBBttFAISRERQISJiJYkQkzZrZWNhr5LKJoid0VJswjX3B+TuUuSaa8IVF+7grthjdnaPzWaT7GV3Z46b54HdmXf3fed9F+bzzgQyMwGU1lxEvBcR1YiYj4h6RCTdFV7JXnPt4vbU3kpEs/nJ7aRVLytnOu2mI6IREe9E1Drfbe5+cXh3/8PXf96ov/bH7udTef2+bkeHBx8d/778099Lb21W2p/NtJfdv2OUkj6f1ZKI58fR2RMiqRU9Agbz17U09y9ExKut/Nej0o7sL+sT/9fjzd/6t5s4znecwDg0m/X0GNhoAqVTaZ0DJ5WFiMjWK5WFhewc/no1ie/W1n+Y/3ZtY/WbomcqYASSRvZ378EH/07+M92T/1vVLP8DeXvMIwXGIs3/px/v3EjXj6tFjwbIxUvZIs3//Fdbb4T8Q+nIP5SX/EN5yT88Bc7L7uTZX8k/lJf8Q3kNmv9GjmMCRqTeWemf4OGP//fa/0F4+SECeZttvTv/h/LqyX8h1+MCxejOPwBQLs3Jgi9ABgpT9PwDAAAAAAAAAAAAAAAAAACctj21t9J55dXnlV8jjt6PiNrJ/rPHFlRbzyOOeKb1/uydJK32SJI1G8qXQ7Yf1p8jvvp6+ZznPfQze3O0/T+uqy+PZ7s/niyeeW+7rdWIRlp5sVY7vf8n7f3vQmdu/7kLGta/HqyDUUl6yu9+lm//vR7sFNv/0n7Ef+n8s9hv/qvEi61l//lnpvsWy5f0/f0hNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBuHgYAAP//LMRxVQ==")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x9)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x5, 0x0, 0x2f)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
setxattr$system_posix_acl(0x0, 0x0, &(0x7f0000000100)=ANY=[], 0x2c, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x20080, 0x51)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
socket$unix(0x1, 0x1, 0x0)
link(&(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1acd060, 0x0, 0xfc, 0x0, &(0x7f00000000c0))

2m29.376086866s ago: executing program 3 (id=660):
syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000640)='./file0\x00', 0x1000004, &(0x7f0000000cc0)=ANY=[], 0x4, 0x5d9, &(0x7f00000010c0)="$eJzs3U9rHOcdB/DvrNZrrQuOktiJ2wYqUvqHitqS1m2TgqlaTNEhlIBfgajlWHitBGlTlByKXfxCUoLeQC+55OCDz+1LEPRYKPRURC8uMzu72tiyLCWWdhV/Pvaz8zx6Zn7zm9/OjHZXAgV4aS3PpfkwRZbn3tsqxzvbne7OdufuoJ/kbJJG9T/NsvvPZOpBMpt+y3eTFHW44ln7ufbF5818ef9Gf9SoW7X+1EHbHc69umWpTnLpBcZ79I3jFcMjLINeHwSfBI+f7z/HuPupY4zNYbT6i+IZz8VMci7JdH0fGJy4jRPM8FhMzAUIAAAAx+iV3exmK+fHnQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcJvXf/y/q1hj0Z1MM/v5/q/5a6v6p9nDcCQAAAAAAAADAC/CD3exmK+cH48dF9TP/t6vBherxO/k4m1nNRi5nKyvppZeNLCSZGQnU2lrp9TYWDrHl4r5bLp7M8QIAAAAAAADAt9Rfsrz3838AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJgERTLVX1TtwqA/k0YzyXSSVrneveQfg/5p9nDcCQAAAMAJeGU3u9nK+cH4cVG953+jet8/nY+znl7W0ks3q7lZfRbQf9ff2NnudHe2O3fL9nTc3/77SGlUEdP/7GH/PV+q1mjn1p1mvc0f82G6uZlGtWXp0iCf/fO6X+ZU/KZ2yMxu1ssiKb5ffxoyGWaqipzJraxVNZqvcyur8erBlTjis/PknhbSGH7yc+EYan6uXpY1n57omi+OnH1vHFyJ5EfX/rt+u7t+5/atzbnJOaSv6clKdEYq8eZLVYn5qhIXh+Pl/D43MpfZvJ+NrOVPWUkvq5nN9aq3Up/P5ePMwZVa+sro/edl0qqfl/5d9Gg5vV1tez5r+UM+zM2s5pdZzNW8k4X8qvp3deQZvniIq75xtKv+hz+tO68lRbu/nBBlXV8dqevoPXemmhv9yl6VXnvx98bm9+rOVFI0hzlNgicrsTBSidcPrsRfH5ePm931Oxu3Vz465P5+Ui/L7xJnn/td4iTr1KrP3v4rla+eHeXc6/vOLVRzF4ZzjafmLg7nnnelturXcE9HWqzm3tx3rlPNXRqZaw/nLg9fbwEw8c797Fyr/a/239uftR+0b7ffm/7d2XfOvtXKmUdnft2cn/px463ib/ksf957/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHx9m598emel213d0NHR0Rl2xn1n4iRc6d396MrmJ5/+fO3uygerH6yud+Z/sfhuZ2Hx3atXbq11V+f7j+NOk2Oyd9GPOxMAAAAAAAAAAACO4iR+nXTcxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDpsTyX5sMUWZi/PF+Od7Y73bIN+ntrNpI0y+X/kqkHyWz6LTMj4Ypn7efaF5838+X9G3uxGoP1pw7a7nDu1S1LdZJLLzDeo28crxgeYRn0+iA4jNv/AwAA///YHBzc")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x11c0, 0x0)
getdents(r0, &(0x7f00000001c0)=""/179, 0x6b)
r1 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ef9000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000ffc000/0x4000)=nil)
r2 = userfaultfd(0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x40})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
ioctl$UFFDIO_REGISTER(r2, 0x8010aa01, &(0x7f00000000c0)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}, 0x6})
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)
unlink(&(0x7f0000000000)='./file0\x00')

2m13.852554231s ago: executing program 32 (id=660):
syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000640)='./file0\x00', 0x1000004, &(0x7f0000000cc0)=ANY=[], 0x4, 0x5d9, &(0x7f00000010c0)="$eJzs3U9rHOcdB/DvrNZrrQuOktiJ2wYqUvqHitqS1m2TgqlaTNEhlIBfgajlWHitBGlTlByKXfxCUoLeQC+55OCDz+1LEPRYKPRURC8uMzu72tiyLCWWdhV/Pvaz8zx6Zn7zm9/OjHZXAgV4aS3PpfkwRZbn3tsqxzvbne7OdufuoJ/kbJJG9T/NsvvPZOpBMpt+y3eTFHW44ln7ufbF5818ef9Gf9SoW7X+1EHbHc69umWpTnLpBcZ79I3jFcMjLINeHwSfBI+f7z/HuPupY4zNYbT6i+IZz8VMci7JdH0fGJy4jRPM8FhMzAUIAAAAx+iV3exmK+fHnQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcJvXf/y/q1hj0Z1MM/v5/q/5a6v6p9nDcCQAAAAAAAADAC/CD3exmK+cH48dF9TP/t6vBherxO/k4m1nNRi5nKyvppZeNLCSZGQnU2lrp9TYWDrHl4r5bLp7M8QIAAAAAAADAt9Rfsrz3838AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJgERTLVX1TtwqA/k0YzyXSSVrneveQfg/5p9nDcCQAAAMAJeGU3u9nK+cH4cVG953+jet8/nY+znl7W0ks3q7lZfRbQf9ff2NnudHe2O3fL9nTc3/77SGlUEdP/7GH/PV+q1mjn1p1mvc0f82G6uZlGtWXp0iCf/fO6X+ZU/KZ2yMxu1ssiKb5ffxoyGWaqipzJraxVNZqvcyur8erBlTjis/PknhbSGH7yc+EYan6uXpY1n57omi+OnH1vHFyJ5EfX/rt+u7t+5/atzbnJOaSv6clKdEYq8eZLVYn5qhIXh+Pl/D43MpfZvJ+NrOVPWUkvq5nN9aq3Up/P5ePMwZVa+sro/edl0qqfl/5d9Gg5vV1tez5r+UM+zM2s5pdZzNW8k4X8qvp3deQZvniIq75xtKv+hz+tO68lRbu/nBBlXV8dqevoPXemmhv9yl6VXnvx98bm9+rOVFI0hzlNgicrsTBSidcPrsRfH5ePm931Oxu3Vz465P5+Ui/L7xJnn/td4iTr1KrP3v4rla+eHeXc6/vOLVRzF4ZzjafmLg7nnnelturXcE9HWqzm3tx3rlPNXRqZaw/nLg9fbwEw8c797Fyr/a/239uftR+0b7ffm/7d2XfOvtXKmUdnft2cn/px463ib/ksf957/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHx9m598emel213d0NHR0Rl2xn1n4iRc6d396MrmJ5/+fO3uygerH6yud+Z/sfhuZ2Hx3atXbq11V+f7j+NOk2Oyd9GPOxMAAAAAAAAAAACO4iR+nXTcxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDpsTyX5sMUWZi/PF+Od7Y73bIN+ntrNpI0y+X/kqkHyWz6LTMj4Ypn7efaF5838+X9G3uxGoP1pw7a7nDu1S1LdZJLLzDeo28crxgeYRn0+iA4jNv/AwAA///YHBzc")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x11c0, 0x0)
getdents(r0, &(0x7f00000001c0)=""/179, 0x6b)
r1 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ef9000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000ffc000/0x4000)=nil)
r2 = userfaultfd(0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x40})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
ioctl$UFFDIO_REGISTER(r2, 0x8010aa01, &(0x7f00000000c0)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}, 0x6})
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)
unlink(&(0x7f0000000000)='./file0\x00')

13.327474122s ago: executing program 4 (id=942):
prlimit64(0x0, 0xe, &(0x7f0000000b40)={0xa, 0x8b}, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x44004000)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a94000000060a010400000000000000000a00000154000480500001800b00010074617267657400004000028008000240000000012c0003007339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c70000000000000000000000000000000008000100544545000900020073797a32000000000900010073797a31000000001400058008000140000089170800024000000002140000001100010000"], 0xbc}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)

13.288760355s ago: executing program 2 (id=943):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10)
sendmmsg$unix(r4, &(0x7f0000000680), 0x4924924924925c6, 0x0)

11.801178541s ago: executing program 4 (id=945):
r0 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="340000001000390400"/20, @ANYRES32=r3, @ANYBLOB="8106e2bc00000200140012800b000100627269646765"], 0x34}}, 0x20044002)
r4 = socket(0x10, 0x803, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x18, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r6}}, 0x18}}, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r8}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x681}]}, 0x34}}, 0x0)

10.371743235s ago: executing program 2 (id=946):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff})
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x2}, 0x2, r4}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newtaction={0x88, 0x32, 0xffff, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x4, {{0xffdff7e8}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0x1, 0x400, 0xfffffff7}, 0x2}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a090400000000000000000200000044000480140001800c0001006e6f747261636b00040002802c0001800e000100696d6d656469617465000000180002800c00028005000100c400000008000140000000090900010073797a30000000000900020073797a320000000020000000080a05000000000000000000020000000900010073797a300000000014000000110001"], 0xb8}}, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r5, 0x400, 0x1)
fcntl$setlease(r5, 0x400, 0x1)
getsockname$packet(r5, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000180)=0x14)

10.10797149s ago: executing program 2 (id=949):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_io_uring_setup(0x110, &(0x7f0000000380)={0x0, 0x10, 0x0, 0x5, 0x80}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xfffffffffffffffc, &(0x7f0000000000)=[0xffffffffffffffff], 0x1})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)

9.090985719s ago: executing program 0 (id=950):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x1)
syz_open_dev$video(0x0, 0x8, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0)
syz_open_dev$vim2m(0x0, 0x0, 0x2)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmmsg$inet(r1, &(0x7f00000020c0)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000500)="0c1874268c0000bd3f4c2ee4c3e4fdfea05e8e04a1a42a60557fb65e7388442bcb546079b365311561bb95fb1aff7128184ea4ca0f437142f62b8f3200e2eb47d44e67968ef5a2b24506d380fd62fac61aa99133d75de2774168ed1224dee2e650791e490c7c3f514a1b39c61d40894d45c2205a1d988b31cd6dc9ba0908fb6e4cd35d064b5085cd470e8282240c64159ba4b6b084446629f37ec8700db7d6dea32c10c93f7f19f2de78816ca02e67b7ab59f59fdf2bea3156f5938df17892e404e8ae", 0x6e}], 0x1, 0x0, 0x0, 0x2000000}}], 0x800000000000369, 0x44000)

7.729999769s ago: executing program 0 (id=951):
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000ac0)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd2d, 0x25dfdc00, {0x0, 0x0, 0x0, r8, {0x0, 0x3}, {}, {0xfff3, 0xffe0}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0xd, 0xd0ea, 0x10000000, 0x3, 0x4}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x50}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettfilter={0x24, 0x2e, 0x205, 0x70bd2c, 0x25dfdafd, {0x0, 0x0, 0x0, r9, {0xc, 0xc}, {0x0, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041080)

7.586381177s ago: executing program 4 (id=952):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x30, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x30}}, 0x0)

7.498657342s ago: executing program 0 (id=953):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x850}, 0x48850)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x4000081, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wg2\x00'})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0xfffffffffffffffe, 0x2000000, 0x0, 0x1c, 0xffffffffffffffff, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

5.691403748s ago: executing program 4 (id=954):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r2 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x1)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000000)="1c681411f7a496c0dacc6a3c24465b016f64b4c00b5f7c691cb24cb8000000001a0000200000000000201500", 0x0, 0x48)
ioctl$UFFDIO_WAKE(r3, 0x8010aa02, 0x0)

5.444648732s ago: executing program 0 (id=955):
openat$sysfs(0xffffffffffffff9c, 0x0, 0x48b82, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = dup(r0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000140)={0x0, 0x1}, &(0x7f0000000180)=0x8)
setsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, 0x0, 0x0)

5.206024226s ago: executing program 1 (id=956):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
timer_create(0x2, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x80800, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000000180)={{0x1, 0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f00000000c0)={0x3, 0x3, 0x0, 0x0, 0xf})

4.46031287s ago: executing program 4 (id=957):
socket$inet6(0xa, 0x80003, 0xff)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket(0x2a, 0x2, 0x0)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03", 0x3}], 0x1}, 0x0)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r4], 0x1c}}, 0x4008054)
write$nci(r1, &(0x7f0000000240)=ANY=[@ANYBLOB='p\x00\t'], 0xc)
write$nci(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="5001"], 0x14)
write$nci(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="500238", @ANYRES64=r0], 0x3b)

4.216288314s ago: executing program 1 (id=958):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x3, 0x0, 0x5})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e21, 0x5, @loopback, 0x4}, 0x1c)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002c00)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000340)="c28b78084fe9d655b28a5ee633984698bd2c7feee6d4", 0x16}, {&(0x7f0000000b40)}], 0x2}}], 0x1, 0x4040)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x3048001, &(0x7f0000000600)={[{@noinit_itable}, {@errors_remount}]}, 0x41, 0x4d0, &(0x7f0000000640)="$eJzs3VFrHFsdAPD/TLL3pr25bq7Xh3sL1mIradHuJo1tgw9tBdGnglrfY0w2IWSTDcmmbUKRFD+AIKKCTz75IvgBBOlHEKGg76JFEW31wQd1ZWdna5rsplvc7HqT3w9O55w5s/n/z8LO7NmZzgRwal2IiDsRMRIRVyKimK9P8zLXbOy1tnvx/NFCsyTRaNz7SxJJvq79t5J8+U7rJTEWEV//SsS3kk6Rd1fnq9XKZt4q19c2yls7u1dX1uaXK8uV9ZmZ6RuzN2evz071Ppi0e9dERNz60rMffPenX771y889+N3cny5/u5nWeN6/fxz91Bp6IXsv2kYjYvM4gg3JaDZCAAA+Ct6PiI9HxKez7//FGMm+zQEAAAAnSeP2ePwziWgAAAAAJ1aaXQObpKX88tnxSNNSqXUN7yfibFqtbdU/u1TbXl9s9U9EIV1aqVam8muFJ6KQNNvT+TW27fa1A+2ZiHgvIr5fPJO1Swu16uKwf/wAAACAU+KdA/P/vxdb8/8DNoaSHAAAANA/E8NOAAAAADh25v8AAABw8pn/AwAAwIn21bt3m6XRfv714v2d7dXa/auLla3V0tr2QmmhtrlRWq7VlrN79q297u9Va7WNz8f69sNyvbJVL2/t7M6t1bbX63MrrzwCGwAAABig9z715LdJROx94UxWmj4cdlLAQKRvsvEfji8PYPBGhp0AMDSjR/QlA8wDGLzCsBMAhu51x/qPdev4Vf9zAQAAjsfkh4fP/xeHnRQwEG90/h8AOBGOOv8PnGwFVwDCqdf1/H6u6807Dp3/v91lw0bjjZMCAAD6ajwrSVrKzwWOR5qWShHvZo8FKCRLK9XKVD4/+E2x8HazPZ29MvH/gwAAAAAAAAAAAAAAAAAAAAAAAACgR41GEg0AAADgRItI/5hkd/OPmCxeGj/4+8BbyT+K2TIiHvz43g8fztfrm9PN9X99ub7+o3z9tWH8ggEAAACnxLPen8TXnqe35/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0E8vnj9aaJdBxv3zFyNiolP80RjLlmNRiIizf0tidN/rkogY6UP8vccR8UGn+EkzrZjIs+gU/8zA4yd9iAi0PWnuf+50+vylcSFbdv78j+blf9V9/5e+3P+NdNn/vNtjjHNPf17uGv9xxLnRzvufdvwki3Y4/sUe43/zG7u7+5pv7+9r/CRisuPxJ3klVrm+tlHe2tm9urI2v1xZrqzPzEzfmL05e312qry0Uq3k/3aM/71P/uLfR43/bJf4Ey/H3/n9v9Tj+P/19OHz91vVQqf4ly92Pv5+0CV+mh/7PpPXm/2T7fpeq77f+Z/9+vxR41/sMv6x14z/co/jv/K17/y+x00BgAHY2tldna9WK5sqKkOovBX/F2moHKoMe88EAAD023+/9A87EwAAAAAAAAAAAAAAAAAAADi9BnE7sYMx94YzVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAI/0nAAD//1Sb0+w=")
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40015}, 0x44080)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x2010d3})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.215124974s ago: executing program 2 (id=966):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000100))
mprotect(&(0x7f0000008000/0x4000)=nil, 0x4000, 0x1000002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x2}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x50, 0x3, 0x1, 0x101, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @remote}}}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x292}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000000)

4.084073802s ago: executing program 4 (id=959):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, 0x0)
unshare(0x64000600)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f0000000040)=[{&(0x7f0000000000)="290000002000190f00003fffffffda060200000000e80001dd0000040d001800ea11c21d0005000000", 0x29}], 0x1)

2.190583782s ago: executing program 2 (id=960):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = semget$private(0x0, 0x20000000102, 0x0)
semctl$GETPID(r4, 0x2, 0xb, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0)

2.098365377s ago: executing program 1 (id=961):
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002d00)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4870000002000000480000000000000095000000000000002ba728041598d6fbd307ce99e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f071326bd9174842fa9ea4318123341cf9d90a0e168c1884d005d94f204e345c652fbc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc84e974a22a550d6f97181980400003e05df3ceb9f1feae5737ecaa81d666963c474c2a19eed87b277be335c75e04ad6ee1cbf9b0a4def23d410f6296b32ae343881dcc7b1b85f3c3d44ae8a3a3641110bfc4e90a634196508000000000000f0f4ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd5821124dcecb0c005d2a1bcf9436e101040000f73902ebcfcf49822775985b231f000000ccb0ecf31b715f5888b2a858ab3f11afc9bd08c676d2b89432fb465b3dad9d2ba7f1521b3ebb0cc52f49129b9b6150e320c9901de2eb879a15943b6dc8ea15aab9dd6968698e3095c4c5c7a156cec33a7bb727667d81ff2757ca1e5efdd4c968dacf81e65998b9091957d1d11a5730baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba165d876defd3541772f26e27c44cfd7bb5097379cf1756869cebc7b0b2d85d6d29983e830a9cdd1d0a017c100344c52a6f387a1340a1c8889464f90c284a4db539621fbb70f01a2c02dec4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae610afd01409d9a337ac5d58bcb5e5fc231514952c5255f22bd8b325d9b76e57f041b665ab0249886c0a65cc99d5893521372c8d8b7bacac24000020a4a24d8dbd75062e1daef9dead619cc6e7baa72706287793c3d2a2661edcd3545236c204682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b993508000000e480cd9d4850a049ee19b67d17ef0477aeb12b1d255be1ed66d9051f22614d1f62734d678039a97d2b74f9e8e97f4e8e7025123e783df8b8a17e3a9a7d85832f9acee4f1b56e9623128d743792cead3c058a5b700d64d160abe33df726608510136ce8bf239414a1d98ea93e3d35dbb6c23b90cf36e83b8a4309b402d264b09f2779a0bcb02e69d384146056d125cf4aadd80800000000000000e88d10acd06864eac44c42fbe334bdc3e9768fc360b130dc6111fe3293e8e02f819a2aa34dba1c25be27945507a3477b437525b81aef2f0b4c4f63483026b5e34d44705b76ef29f7f6e0a2be625eae975e02069f6f24e1e1bc976d965ddabb01085f16bff63a06578d6d184e5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8eae87691e6e365a70c3f15871565bba8dd8a8ca049f798abe646f738bebdfc9d8a5edd7a19ca7a42bc3f1db37c17f22a287c6d31a13db5dfef409eb1d3c91c05000000000000000c4736c81936315418f26770cca4e2f89800d18c2a30003b952ae1ebfd0ca88368ee6ce139e8b5822422cf4c9dde943d34c432e1001171792c65986146666a549092398af45ba38c41fa7e0fffeac41824ca1fd0eb68aa243c9035c788d5480e5aee9c9e5f2e5a3628995b1531bd20360d33d8f9ffffff5f4bf6ea0000000000000080ca02ee3686da707b56d8db491ba0cc33f6be92c55969a2b52a25419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9bc31f09832d4788be2a442aa81b259e9eb1bf5314844051f3a642aca9ff98c9036471ccff0522903e7bcf62e18f7796bbc280b95e8e0d6fd5644b0ebde3885b06548862de809d3dae3cccf109f7c78e8479a345e805e4acd27dfa82cafc6b64b1f4659834aecbed6d44b11a443c5ba92a326dd10921aa79c62800844c7a59f55ee205a11ab50fb402e7da6ada561ec1117cc186b01fd5c20680c580dc31b0963ff953ce09148e8dfea9d03a61bbd2bb173518507a3cd0e37c4da0a71eee31071d5d642498181c69cee3b2e414ddd6a12ff4bdf6e96c247b6025d4376067e25357d3b521a5b927d3392a7503718aea2417952cf6a0c6de4e61b49cad1e4d6b000000000000005b2d16877299acefc0fb5bc1422c3d425d988eedebcf242b780a687c9acae2a5a71c2a16a32ceb377f5d54f9b2fa90b2905906e611be56e9eb0cab20c290a1f6c09272dbc3b2c0ab2b5baa1b07b16e81f278e54a479f1a068658e3656cfa196d6c050000000000000000814955c62a7d72b317399e572a7f6a4657b7cbe066c9179ffd097d61fcfd0fa1d46cfb110e3e8cff5579e83f2820f95eaa0c609f666950c24311740e36de8f65708cfffce788c99ef8f62fd2398e999b220125da8eb07947512365abbc5b84ef524bdf184727c67910051f204662264607d548dbdffe14b4907c49f604e5a92e3f9de595d31dd084adfe00007267f226019ef0a25bc15da71e893856a2182c3167d8ba73f7c6294b159a426ce44cd73f000000a66fc501eae0c3504c1400697ba69fd9b7eaf49aff6a6aea529610db8dfef86c3cc698e9fddf1b132876159972281a90c3a4cf415df25fbcdd35cf8368f068c4481844bdd0dda553e1cb0966d5686013d382956d50055dce0d1ac225c1d77612b1ec52e743dbc51f25cc07a202b704577316913cf667fa65e476f688de2d6c54ea192a569eed05d0d7536b3205c68d4ee0fe318ed3112c76dcf128a1d5595b773ef4c8a7ba4e10381de8808ff02dd0a7b996ecf1c65e6d9db90c87123d9cb3945330f7a270ee0cca35b133b249b800a34b0942d97b55d808c41ca8fec0b2f39f505140751b60f29a83e4bc0ef2ffea443e4aa221cc38a503add16a2c98cb589e1dac1912b4142a3be30f50b2d947ffff0000eb38030d0c0ce0598700130000000000000000000000554361e1628ee0017ad19ca787f2c078aa260701ce0800000080623902000000000000000000003d118a04fa6a80c4928c01ccab57bdf4eb265ad15004f967543fe6e6ddc2a12165fe3a08bf9475ee0eee3539369b0e566fedbd215a6ddd4fe03dcc7a922e16410d820747b7e806c0f3b6f14c884d150a0ff07f2e0000bfb083c56d3bed0a61fab880f8885c612ebff8523d14cfb12aca274c000000005e5155611969f6e67dd83b20206207cb8b2cd2fab6fa6d7fdaed6a27a2e4db1d5adc80014ff11d9dbceba41d8dfce410333a054e82b1d050331ce0aeacb843b94d67f69f49eb4dd3b1b85b018359c32df01db8ebce0dbc36cade09c6b44f6b93d28db8ae4db5624d8a02f7be91bec65e4b3373059587dd6528bbc48e3379d477d482faff738c39c61cac1195043bd5b70c0860c1083a169a8263e9aec56b9f7795fa27634a7f06359e3058d2dd69c4e5cc11b36d9ed9c4b2867f583de6fc582f789722bd1500e64c495abdb72de2c739d38c72f6f4fb1946081dcc825d5b5b747e9fa1b5226cd31e131263f1fcd5d45a630b46d04af906f0be464d829dd2dfcf7400002b7827f6d957e51bb1f1b44a50200c9dfadfaff2e32baa9c0edaac7144e174dba582a951d2b03c27219cec4fbc7b6e99c3f00188941e3fbf008cbace177ae250fd757a22e21ec05aa45c91e1345ca936184c3fc28153283e13654123cfaf4e666e80f34d0adad1e2116bc385f888405d48f0d386da0cc6068018e45772a68f2ea3fb7e7207000000b24088014c8e64f03d053c4e02ddd08b262e422eff1c9f124b892b0a9462b07d4f88c0693bd9c54ad2ab5227aa59ef2b53ac528c0800000000000000ebfde0c4a37c2d55c176680c4207000000e4aa467f995c9bc99e60441d4dbebead3b436427762618810bac7308c6d3298ea932b66572825e62d18462d3b2342ba48c145ff4674a94fa078cc552d064da2bb69a0d269076f8957176578f44ffb8895fbd4e2a757a4249a855632ca30e09789811bd5e06840f8848df72230a28e0304569bfa0350b6dde9e96273de1758505aa1ba89dfb12be7a7c6dd18f6148354df7e60a489dc543ccdee1fff9d8f8d78844de27a77ef1181d5055c2a193a5763ed7749a17296c76818b60426082c86619dacc8a884c4de8572a044faf0c8e4377776c8703ecf2e3f1c3d6410000000400008369f062639e3ddcf725be54f626448fb7bfc74c183b26e31b71a390ccea4be07278dd12fa16848797397b76908fa03613cd961b98b26a0879ccba4a78c82958764bce07a7f70df1cef6d4db1ddbda1db18e4f41c390fd3cb862216ece39a9ec60bd3bfb41cb630343b32ee5f9329dcaf33be8c87cc510557460d14421e1d26322ab64388f2ceae70922989f66827fe9acd2ec3ece39f3b4ffdc4dfea3da6ddb002512e2313253801044e751168e32d7bd6800000000a21008b8d26dabe977c503c30ef7c489e5ea1fff041e54de54cfeb258f2387dad096b72a78d934927492cfc773c731cca9b13b3f6e7760ab0929c46f51ea5643f3df4f4044f3ad0a6ba739e72d8b8b2935d81534bea8372bc590c111d573e04280659a096eaa495a4154daae7d1800c130d920964845c50c8ba4763b19b6008f6d7a5091895c7a4b7816ab706503be879b18b778b0f61ecfde2f8bbb32cfeb766ec4430ee0ad45a0a263ddc4b2f47680c8d53439f8d388dab87112c83997badaf8ed85cd5b03a7352a0fb83398566d1bc133582ce2d9f601cd23eba4432180b2d5c3019879cd949a5be1b241b3d0d0d52a3529cc9e704a9d8d54f4f7b776a969a4505e18fe5284985ca7d112c397d776e3baba918b7df456bd970e761e00f3b0efa5ce4246d9f08ba60da3be556c518a1f19504c7cea1491a9eadd27d747ca9cc5f92e30b2ca3cf0b142a8554c87e8026d4e586cf5f7c9d412e6eb4f66a076c8bca6b294305969dabb6c932b57a5dd4234bf1ed3bd095229ee3cbb86883d574c5af4bb78370561de3fbf55bfcd2db3979eb1be120b5795443324023353c959fd965702f1cd5bcb3c16d4b8bdd9fc87c862c247e140379ef098c7b3fa79a6638a245b6a74f14dde9bd4ee48e62cdc70f486ce38641e4e4309aa9f4bd097fa1530db966d9919544ab4890301e51f9525436f5d9591460340f5093161a78a249783945407f2576d6f35a99e3521d7991e3fdfde5ee7f6a8ff8181a68ef15a2ebfe9e22d7c745949ab5cc15b9f5659799b5e006f09f5173e260b82f80ae10adebbf9f623f75bfd4d83c4859ca9b652cea33daeeef07b60c78a21965bcf91919071c7ded1ca0fbea5cbe54ee42fb6809317dc0b7587d9322f8cd09e32675a187465bdfa101bcd9ac680839b375af12c160247dd960e70eb7ee60c52a900440aa9bd9a6b15a4a34dc73c3c4936d8986300fdc264b28537df387e64420f2f5fa2a31d24c1ed888a57fcc50400a084a38a3630ffc465f36a4b770fab0946148161184be39134542e934f3a538b011cb3928b4306301855c89afe795d881d4361e7fbd1fc2331b4e34733480bc497662a8234a7eeab3e65d6b0f5d92edff04416eedcd15b9ddbcb3cf9228afda6b17d44a276b205eabd0069f7e26aea50f537dc77b683ed83d2f9110e00a705f48e9d13378cf09bca22e8f45c4f360d5fff8b57a2a35f21c4513bcc0800000000000000dc5cc7ad7290c60bc609bff9be7cd922f474c3faa78fd42cba7c78d6d912656b6313497625e2f9afaba05b17ca242b7ca8d6556175aee38142a8aac5f677c2f8a6967f2cb5e97aae97a5e5579a706243688ac4d38a4601b4aadb2d319fe7d6bf1272fa3fa701338d7bce390e8bf959081ed39e63a431901d615a26ff95e1620a6c26eda4f92d83499a173e7217001f58ed5406ba14bfe611e5958458af7b3c5319fdb4c40b8d01365fdee93af6fad7c7a8da8646dc1379d1aceb72fd929e7de4e9620000000000000000000000000000007cf90000008f8a9da7a8a167815c6ffcd1b6863cde9ab45ecd8f06423198bb00cdf76877f407be46b0755d6be5afbb4cb3a8de259a8beb2223f28b855e2bdf4b31b91e5062a42a55bd95e93f77f2499391cf0000000000000000000000000000195007ad27d1d61dc4d5512f117f0ed554c2c88c4468a4808ae562a6bb1ff447d6e12da22ee9f0422a84f361684861169f498909c4841f4d5a0fa3b7d833075fdcd9c1d169b03d7df7f4150fad8b9e92eaf86992adbda360dd91de51c6df335445492608162fb0804dabdeac6fb70042f906eefd37f1d190a1c8a0d9de7f34dcc8cbd7b565fc675f3bf7aac559411808ee703ec3ad461c6ddc571994cb504c46eabbc2ff4b97df394bc75b5e7f45a4450753b576af95820540e1ac91a43954f0b1260fa3b351b5a424d2b2944866aff582486308aca33c9571d1928175737473eaba14c9818c05d57de4df75f08206c24f781a72f26159b0abf05a90364414c4be434323c0f1050494aed7d791966edcb89d555e9907222e9af2546f0d6f9e51d40e30c85bb10cef93aacbb2d1278ddfcb9c65fd6d55239b1b7097c262740c13c53937b6f11ca6d544789ad36df5721e198f3d7f3a70d987c534cd7ac8da762e6d8752637405ffc1399a79f6c266dda1593f18ea2fb93111c1416f5a07fd7d74f956b2f4f4f3e9bcc03613cfb2b89b42babeb5756a21af5d2f980f1eb505cee397fd4e2cf068804b31b8be623a04c103e0dd4f0c3626f6bffa8f9d597123da046692211f7ad0711469f4839d394ed227336c2394b9ba1c299e88bca4fd70723dcab03ed8de938a69c31cdb5dcc77df25bcae53d9f35125c9d19d6f948f29ed4cab2cff308f3d6230c0e1442f21163ed895e869bd37653abbf7ab3d48c15d8f4a99a1c84bfe7b76c0bb42cf72a1b871b6edf1ce441c720054ab2aaa9f1d7ce20f8827c967f61a4acffb1ffbe54dbf4b65f23f1e740412a6e90dbeaee4d177f7bd016ebf7aec4a80671f193d28eaf71043ca144f9dbdc8743d9dd16d17f87c8a84f66053460fa6de2a29c2ba81e4780689b03bb02c0249a645cb6282b91f7d0f412a823b81c8d6c39a4483efeaf68e6920255a38f3459b89eb3c1ebba6a1507dadd4e7bcbec4d5c6be67f2760ac557c71e79b79939d0f41ae12241b464390d2ff9c60d49c3cfb455ffa1a8cbe9df811bc8a917f2199884edcd83ff6978f9d1ddf702864330e896ef31c914685f74a4198d71b35fb3b6fe08d0bf6ede50ae5eea1633621f5b4ca1829d5525ff4e0b357e8dcc9026206d6ff395db6b034d6bdf697d0d05d79917684b1ba7153caee53f8769b72c566d8bf9545d857d6db6a9ad9f0d36d3bea290d73cbfd15044d245db5a8624a94555777cad157b12b98bbb1e4a71a3ca616c652fcf6c0354b96f20effea6bbbabe9287becc537db31fcca6216e63ac479f383a7de333167c0179b146806b71cbf473f05320a51373bcbf7cc2cde3e108bb8e2229ddb771c1bd8a0982cf85d01efcc572276f8dac8ce8cab40b409c8e9f9dc086ce70645d411be8563236eb1a5db6337e9d03c5cf3012eb1fe916038236df9cc3327fd0b4342f630e58d35fb5f635adcc92338f4d68ef91886b4392fd5b384600000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
socket$netlink(0x10, 0x3, 0x0)
pipe(&(0x7f0000000040))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
r3 = openat$cgroup_ro(r0, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r5, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r0], 0x4}}, 0x0)
sendfile(r4, r3, 0x0, 0x100000002)

1.19697446s ago: executing program 2 (id=962):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000700)=@updpolicy={0xb8, 0x19, 0x1, 0xfffffffc, 0x0, {{@in=@dev={0xac, 0x14, 0x14, 0x23}, @in6=@local, 0x4e22, 0x0, 0x4e22, 0x0, 0xa, 0x0, 0x60, 0x0, 0x0, 0xee01}, {0x0, 0x1000000000000401, 0x0, 0x40000000, 0x0, 0x12, 0x1, 0xfffffffffffffffe}, {0x10000, 0x3, 0x0, 0x100000000007fff}, 0x0, 0x6e6bb1, 0x1, 0x1, 0x3}}, 0xb8}}, 0x0)
sendto$inet6(r0, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c)

1.076099857s ago: executing program 0 (id=963):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x26020480)
r3 = inotify_init1(0x0)
r4 = inotify_add_watch(r3, &(0x7f00000002c0)='.\x00', 0x20000000)
r5 = dup(r3)
inotify_rm_watch(r5, r4)

1.075647257s ago: executing program 1 (id=964):
r0 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000004c0)='j\x95\'\x8aC\x16\xca\\', &(0x7f0000000c40)='\xe6usek\v\xf6u%\x9b\x00\x00\xad\xeb\x00\x00\x00\x00\x01\x80\x00\x00\xcf\x9b\x9f\b\xb6\xfe\xc8\xda~-\xf5S>\xb8\x86\xfc\x9cVR\x82\x9a\xbdp\xbd\x83w\xf9Z\xd2\xcb\xcdF\xd0#N7\x17\xfc\x1e\xf1\x97\xffxi\xe0KE}]\x8e\xca\xe3+\xc8\x98\x03\x91\x88(\bn\x7f\x0e\x85\xa5\xb4\n?_\xc9\xef\xe0Q\xdb\xb6\xa5\x81t\x06\xda\x95\x935\xf1\x18\xac\x00\xf0\xff\xff\xbd\xb5\xa1\x06\xfd\x01\x00\x00\x00\x0f\xf8\xe3\x8a\x1f\x9c\xf3\xc5\x1f\xf9\xbf[\xd13\xb3\xd3j\r6\x7f', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000140)='{:\'@-\x00', &(0x7f0000000180)='%*.\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000003c0)='\x00', &(0x7f0000000400)='(!\xef(.(\\-]\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000200)='^](*\r\\!\x00', &(0x7f0000000500)='{:\'@-\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000480)='\x00', &(0x7f0000000540)="82", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b80)='\xe0\"\xef\xb1\xea\xe6\x9c\xe6\xc8M\xdb\x86\xb3\x8b\xbe\xd5\xbdB\x92\xa0\x19-+a\x13qQ\xd5f39hSr\xafbB\xe2\xe8\xcd\x1bf\x18\x7f\xf27E#\"\xab\x99\xec\x88\x8d\xd8C\x0f\x95\xff\xfeG\xf9t\xb1 \xcc\xc5\xbb\x88\xb6\xd2\xf2Jwq\xf8oG<v\xb8\x18\x80\xe1Kf\xf8R\xdd\x06\xe8\xfbl\v\xb0\xdd\x05\x05\xd8\xdb\xfd`\xf9\xf8\x915\b\x8c\xad\xc8\x9d=\xfeN\x8b\x1eR\x1e\xf8\x9dn\x19H\xd2aE\xa0\x06\xb0Yv\xf9^\x8c\x8f\xc3\xa5\x985\x85U\x8cZ/\'\xbd\xe2\xdc\xe3\xb9\x8e$Z\xef\xa8\xe5(Mt\xd3\xd9\xf6X\x1a\x9b\t$N\xd0U\xe2z\xeb\x01\x80!0\xe8\xc3\xce\xf8\x03\xde\x92s\xf9', &(0x7f0000000ac0)='fuseblk\x00M\x13k\x92#\x05z)\xe0c\\35\xdf%\xa3\xac!zoO\xf8\xcex\xb3\f\xad@\x853o\x0f0\x1a\xc0\"\xf7\x11Z\x01\xc1\xd9\x9fbJ7\xd1\xad\xe1\xed\x87\xae\x11-s\xb4\xbd\x1e\x9a\xd7\xc1crt\x88%\x92\x8fL\x8d\xb3-\xb60O \xc5\xd1q\xcc\x97\xe0\xe8\xb0\n\v\xa9V\xfa\xeb\x1e|M\x98W\x81\xa2@{_\xba^\xa2\x82k\x10G\xfc\xd4\x99Pl\xfa\xe8\x7f\xc9 h\xd0\xfd\x04\x95\x8c\xb1\xe7', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000a40)='^,/\x00', &(0x7f0000000a80)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='\x1c@\\\x00', &(0x7f00000002c0)='\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000300)='(\xed\xef(.(\\-]\x00', &(0x7f0000000340)="0f", 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='(\xed\xef(.(\\-]\x00', &(0x7f00000000c0)='f\xf0p\xce\x97\xbb\xd2dH\xdf\xbd\x18\x9baE\xef\x90\x90\x057g\x85\xf4\xf0\xba\xb0\xb1\x06\xa6q\xef\x03H\xda\"`\xd6', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='^](*\r\\!\x00', &(0x7f0000000100)='\b\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000240)='fuseblk\x00', 0x0, r0)
read(r0, 0x0, 0xfffffea1)
close(r0)

1.009052021s ago: executing program 1 (id=965):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x20, 0x0, 0x7, 0x101, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x95}, 0x800)
sendmsg$NFNL_MSG_ACCT_DEL(r3, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="28000000030701"], 0x28}, 0x1, 0x0, 0x0, 0xcb5d58d386348ea6}, 0x80810)

51.115287ms ago: executing program 0 (id=967):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x8000, 0x0, 0x0, 0x0, &(0x7f0000000000))
openat$incfs(0xffffffffffffffff, &(0x7f0000000000)='.pending_reads\x00', 0x800, 0x80)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x7, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3, 0x9, 0x0, 0x2, 0x300}, {0x6e, 0x0, 0xd}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xc, 0x9, 0x0, 0x0, 0x20000f19}, {0x3, 0x0, 0x6, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

0s ago: executing program 1 (id=968):
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.65' (ED25519) to the list of known hosts.
[   63.457754][ T5754] cgroup: Unknown subsys name 'net'
[   63.589663][ T5754] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   64.992862][ T5754] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   66.976988][ T5771] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   66.990007][ T5779] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   66.997846][ T5779] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   67.005796][ T5779] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   67.015188][ T5779] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   67.022560][ T5779] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   67.030574][ T5779] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   67.050599][ T5780] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   67.064504][ T5779] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   67.073524][ T5783] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   67.074940][ T5780] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   67.081094][ T5783] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   67.090394][ T5781] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   67.102577][ T5780] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   67.111724][ T5780] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   67.119460][ T5780] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   67.127702][ T5780] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   67.134946][ T5781] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   67.136661][ T5782] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   67.144687][ T5780] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   67.156755][ T5780] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   67.165396][ T5781] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   67.173159][ T5781] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   67.182268][ T5781] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   67.578839][ T5766] chnl_net:caif_netlink_parms(): no params data found
[   67.642629][ T5769] chnl_net:caif_netlink_parms(): no params data found
[   67.697118][ T5768] chnl_net:caif_netlink_parms(): no params data found
[   67.730073][ T5767] chnl_net:caif_netlink_parms(): no params data found
[   67.820528][ T5766] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.828380][ T5766] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.835970][ T5766] bridge_slave_0: entered allmulticast mode
[   67.842729][ T5766] bridge_slave_0: entered promiscuous mode
[   67.860374][ T5766] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.869213][ T5766] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.876535][ T5766] bridge_slave_1: entered allmulticast mode
[   67.883137][ T5766] bridge_slave_1: entered promiscuous mode
[   67.927731][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.935665][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.942821][ T5769] bridge_slave_0: entered allmulticast mode
[   67.950180][ T5769] bridge_slave_0: entered promiscuous mode
[   67.989845][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.997784][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.005023][ T5769] bridge_slave_1: entered allmulticast mode
[   68.011658][ T5769] bridge_slave_1: entered promiscuous mode
[   68.027601][ T5766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.065806][ T5766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.089368][ T5768] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.096956][ T5768] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.104630][ T5768] bridge_slave_0: entered allmulticast mode
[   68.111559][ T5768] bridge_slave_0: entered promiscuous mode
[   68.118498][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.125955][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.133185][ T5767] bridge_slave_0: entered allmulticast mode
[   68.139947][ T5767] bridge_slave_0: entered promiscuous mode
[   68.149569][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.161511][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.174789][ T5766] team0: Port device team_slave_0 added
[   68.181096][ T5768] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.189533][ T5768] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.196791][ T5768] bridge_slave_1: entered allmulticast mode
[   68.203431][ T5768] bridge_slave_1: entered promiscuous mode
[   68.209988][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.217333][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.224535][ T5767] bridge_slave_1: entered allmulticast mode
[   68.231238][ T5767] bridge_slave_1: entered promiscuous mode
[   68.249417][ T5766] team0: Port device team_slave_1 added
[   68.282897][ T5768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.320052][ T5768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.342183][ T5769] team0: Port device team_slave_0 added
[   68.349460][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.356817][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.382986][ T5766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.396536][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.403575][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.429629][ T5766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.458693][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.469710][ T5769] team0: Port device team_slave_1 added
[   68.488372][ T5768] team0: Port device team_slave_0 added
[   68.499817][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.532267][ T5768] team0: Port device team_slave_1 added
[   68.557531][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.564621][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.590638][ T5768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.610802][ T5768] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.619242][ T5768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.648445][ T5768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.679336][ T5767] team0: Port device team_slave_0 added
[   68.692531][ T5767] team0: Port device team_slave_1 added
[   68.699559][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.706597][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.733796][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.763292][ T5766] hsr_slave_0: entered promiscuous mode
[   68.770402][ T5766] hsr_slave_1: entered promiscuous mode
[   68.789977][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.797758][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.823787][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.882467][ T5768] hsr_slave_0: entered promiscuous mode
[   68.891302][ T5768] hsr_slave_1: entered promiscuous mode
[   68.897412][ T5768] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   68.905808][ T5768] Cannot create hsr debugfs directory
[   68.922262][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.929307][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.955583][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.968724][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.975739][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.001784][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.069895][ T5769] hsr_slave_0: entered promiscuous mode
[   69.076836][ T5769] hsr_slave_1: entered promiscuous mode
[   69.084097][ T5769] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   69.091658][ T5769] Cannot create hsr debugfs directory
[   69.170109][ T5767] hsr_slave_0: entered promiscuous mode
[   69.176701][ T5767] hsr_slave_1: entered promiscuous mode
[   69.182835][ T5767] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   69.190545][ T5767] Cannot create hsr debugfs directory
[   69.204545][ T5086] Bluetooth: hci3: command tx timeout
[   69.210117][ T5086] Bluetooth: hci2: command tx timeout
[   69.215940][ T5781] Bluetooth: hci0: command tx timeout
[   69.283683][ T5086] Bluetooth: hci1: command tx timeout
[   69.476117][ T5768] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   69.489821][ T5768] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   69.499983][ T5768] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   69.514248][ T5768] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   69.616248][ T5766] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   69.639393][ T5766] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   69.671014][ T5766] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   69.691978][ T5766] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   69.740478][ T5769] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   69.764162][ T5769] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   69.785135][ T5769] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   69.799334][ T5769] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   69.861567][ T5767] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   69.872632][ T5767] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   69.882377][ T5767] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   69.900178][ T5767] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   69.973362][ T5768] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.040797][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.050673][ T5768] 8021q: adding VLAN 0 to HW filter on device team0
[   70.072263][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.079606][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.108548][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.115709][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.129956][ T5766] 8021q: adding VLAN 0 to HW filter on device team0
[   70.151178][ T3447] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.158351][ T3447] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.196189][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.203316][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.226902][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.296736][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.319502][ T5769] 8021q: adding VLAN 0 to HW filter on device team0
[   70.335015][ T5767] 8021q: adding VLAN 0 to HW filter on device team0
[   70.387949][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.395135][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.412082][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.419271][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.448813][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.455988][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.490984][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.498172][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.707486][ T5768] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.823346][ T5768] veth0_vlan: entered promiscuous mode
[   70.871311][ T5768] veth1_vlan: entered promiscuous mode
[   70.956485][ T5768] veth0_macvtap: entered promiscuous mode
[   70.991876][ T5768] veth1_macvtap: entered promiscuous mode
[   71.011306][ T5766] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.050440][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.083002][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.097287][ T5768] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.109540][ T5768] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.118535][ T5768] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.127974][ T5768] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.136885][ T5768] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.164390][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.185564][ T5766] veth0_vlan: entered promiscuous mode
[   71.230842][ T5766] veth1_vlan: entered promiscuous mode
[   71.251112][ T5769] veth0_vlan: entered promiscuous mode
[   71.284289][ T5781] Bluetooth: hci0: command tx timeout
[   71.289764][ T5781] Bluetooth: hci3: command tx timeout
[   71.296514][ T5086] Bluetooth: hci2: command tx timeout
[   71.309024][ T5766] veth0_macvtap: entered promiscuous mode
[   71.323776][ T5769] veth1_vlan: entered promiscuous mode
[   71.336451][ T5766] veth1_macvtap: entered promiscuous mode
[   71.364049][ T5781] Bluetooth: hci1: command tx timeout
[   71.364384][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.388180][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.451757][ T1085] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   71.461334][ T1085] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   71.466693][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.482662][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.497761][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.511673][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.522609][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.535453][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.555014][ T5767] veth0_vlan: entered promiscuous mode
[   71.562673][ T5766] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.572709][ T5766] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.582463][ T5766] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.591268][ T5766] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.613277][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[   71.619988][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[   71.647629][ T5767] veth1_vlan: entered promiscuous mode
[   71.675546][ T5769] veth0_macvtap: entered promiscuous mode
[   71.732298][ T5769] veth1_macvtap: entered promiscuous mode
[   71.800481][ T5767] veth0_macvtap: entered promiscuous mode
[   71.812962][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.830697][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.841584][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.853272][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.865377][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.890754][ T5767] veth1_macvtap: entered promiscuous mode
[   71.910691][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.925471][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.935963][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.946605][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.958495][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.087855][ T5769] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.109981][ T5769] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.122553][ T5769] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.137106][ T5769] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.157101][ T3424] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.183916][ T3424] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.198578][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.211183][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.224564][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.235285][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.360378][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.422455][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.502559][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.871476][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.882940][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.903013][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.913854][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.941795][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.959223][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.970873][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.981644][ T5767] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.992246][ T5767] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.001444][ T5767] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.010397][ T5767] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.162119][ T1085] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.205403][ T1085] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.224652][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.279426][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.364331][ T5771] Bluetooth: hci0: command tx timeout
[   73.381466][ T5086] Bluetooth: hci2: command tx timeout
[   73.387676][ T5781] Bluetooth: hci3: command tx timeout
[   73.444338][ T5781] Bluetooth: hci1: command tx timeout
[   73.952958][ T1085] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.968670][ T1085] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.076178][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.133665][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.276845][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.285588][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.525143][ T5781] Bluetooth: hci3: command tx timeout
[   75.530770][ T5086] Bluetooth: hci2: command tx timeout
[   75.536342][ T5771] Bluetooth: hci0: command tx timeout
[   75.536390][ T5780] Bluetooth: hci1: command tx timeout
[   76.186736][ T5889] syz.1.9[5889]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   76.404128][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   76.484669][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   76.510960][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   76.613336][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   76.884270][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   76.964397][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   77.022937][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   77.123860][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   77.213750][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   77.281125][ T5889] loop1: detected capacity change from 0 to 1024
[   77.363558][ T5889] =======================================================
[   77.363558][ T5889] WARNING: The mand mount option has been deprecated and
[   77.363558][ T5889]          and is ignored by this kernel. Remove the mand
[   77.363558][ T5889]          option from the mount to silence this warning.
[   77.363558][ T5889] =======================================================
[   77.432685][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   77.995097][ T5889] EXT4-fs: Ignoring removed bh option
[   78.043644][ T5889] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   78.622843][ T5889] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.937134][ T5766] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.084604][ T5912] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   80.743844][ T5916] fuse: root generation should be zero
[   80.931632][ T5923] syz_tun: entered allmulticast mode
[   81.011385][ T5923] syz_tun: left allmulticast mode
[   81.847631][   T27] cfg80211: failed to load regulatory.db
[   82.837011][ T5936] syzkaller0: entered promiscuous mode
[   82.842542][ T5936] syzkaller0: entered allmulticast mode
[   83.143916][ T5867] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[   83.348882][ T5867] usb 4-1: config 3 has an invalid interface number: 173 but max is 0
[   83.358294][ T5867] usb 4-1: config 3 has no interface number 0
[   83.369221][ T5867] usb 4-1: config 3 interface 173 altsetting 7 endpoint 0x6 has invalid maxpacket 512, setting to 64
[   83.383684][ T5867] usb 4-1: config 3 interface 173 has no altsetting 0
[   83.401181][ T5867] usb 4-1: New USB device found, idVendor=03f0, idProduct=0f9b, bcdDevice=d2.cf
[   83.412676][ T5867] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.436897][ T5867] usb 4-1: Product: syz
[   83.441169][ T5867] usb 4-1: Manufacturer: syz
[   83.466973][ T5867] usb 4-1: SerialNumber: syz
[   83.489563][ T5938] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[   83.510686][ T5867] pl2303 4-1:3.173: required interrupt-in endpoint missing
[   83.792143][ T5954] netlink: 240 bytes leftover after parsing attributes in process `syz.1.29'.
[   83.900764][ T5818] usb 4-1: USB disconnect, device number 2
[   86.010948][   T28] audit: type=1804 audit(1770649126.986:2): pid=5963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.32" name="bus" dev="ramfs" ino=7881 res=1 errno=0
[   86.113582][   T28] audit: type=1804 audit(1770649127.006:3): pid=5963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.32" name="bus" dev="ramfs" ino=7881 res=1 errno=0
[   86.599880][ T5972] netlink: 'syz.2.34': attribute type 1 has an invalid length.
[   86.624952][ T5972] netlink: 28 bytes leftover after parsing attributes in process `syz.2.34'.
[   87.793074][ T5980] syzkaller0: entered promiscuous mode
[   87.803732][ T5980] syzkaller0: entered allmulticast mode
[   90.225691][ T5990] loop3: detected capacity change from 0 to 1024
[   90.243723][ T5990] EXT4-fs: Ignoring removed orlov option
[   90.334257][ T5990] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   90.451405][   T28] audit: type=1326 audit(1770649131.446:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27fc19af79 code=0x7ffc0000
[   90.489477][   T28] audit: type=1326 audit(1770649131.446:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27fc19af79 code=0x7ffc0000
[   90.513537][   T28] audit: type=1326 audit(1770649131.446:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f27fc19af79 code=0x7ffc0000
[   90.683609][   T28] audit: type=1326 audit(1770649131.446:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27fc19af79 code=0x7ffc0000
[   90.702310][ T5996] loop2: detected capacity change from 0 to 2048
[   90.834064][   T28] audit: type=1326 audit(1770649131.446:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7f27fc19af79 code=0x7ffc0000
[   91.277866][   T28] audit: type=1326 audit(1770649131.446:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27fc19af79 code=0x7ffc0000
[   91.306758][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.415506][   T28] audit: type=1326 audit(1770649131.566:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f27fc19af79 code=0x7ffc0000
[   91.510646][ T5996] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   91.513678][   T28] audit: type=1326 audit(1770649131.566:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f27fc19ace2 code=0x7ffc0000
[   91.545191][   T28] audit: type=1326 audit(1770649131.656:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f27fc15b84e code=0x7ffc0000
[   91.568478][   T28] audit: type=1326 audit(1770649131.696:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f27fc19ada7 code=0x7ffc0000
[   91.590918][   T28] audit: type=1326 audit(1770649131.696:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f27fc15b84e code=0x7ffc0000
[   91.613629][   T28] audit: type=1326 audit(1770649131.696:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f27fc19ac0b code=0x7ffc0000
[   91.635966][   T28] audit: type=1326 audit(1770649132.276:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f27fc13c399 code=0x7ffc0000
[   91.658316][   T28] audit: type=1326 audit(1770649132.276:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f27fc15b84e code=0x7ffc0000
[   91.691743][   T28] audit: type=1326 audit(1770649132.446:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5995 comm="syz.2.41" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f27fc15b84e code=0x7ffc0000
[   92.604626][ T5767] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   92.744883][ T6010] netlink: 'syz.3.44': attribute type 1 has an invalid length.
[   93.073773][ T6019] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   93.538624][ T6022] xt_socket: unknown flags 0x50
[   96.501388][ T6033] loop0: detected capacity change from 0 to 128
[   97.919097][ T6045] netlink: 'syz.2.53': attribute type 10 has an invalid length.
[   97.998840][ T6045] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   98.125929][ T6045] 8021q: adding VLAN 0 to HW filter on device bond1
[   98.184614][ T6050] netlink: 44 bytes leftover after parsing attributes in process `syz.3.55'.
[   98.189555][ T6045] bond_slave_0: entered promiscuous mode
[   98.199594][ T6045] bond_slave_1: entered promiscuous mode
[   98.205337][ T6045] syz_tun: entered promiscuous mode
[   98.211938][ T6045] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   98.221309][ T6045] bond1: (slave macvlan2): unknown ethtool speed (30000) for port 1 (set it to 0)
[   98.231113][ T6045] bond1: (slave macvlan2): speed changed to 0 on port 1
[   98.240862][ T6045] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[   98.250143][ T6050] netlink: 8 bytes leftover after parsing attributes in process `syz.3.55'.
[   98.274767][ T6050] netlink: 16 bytes leftover after parsing attributes in process `syz.3.55'.
[   98.308832][    T9] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   98.546915][    T9] usb 2-1: Using ep0 maxpacket: 16
[   98.579708][    T9] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[   98.610143][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.754072][    T9] usb 2-1: Product: syz
[   98.806558][    T9] usb 2-1: Manufacturer: syz
[   98.867091][    T9] usb 2-1: SerialNumber: syz
[   98.992985][    T9] usb 2-1: config 0 descriptor??
[   99.411256][ T6067] process 'syz.0.59' launched '/dev/fd/8' with NULL argv: empty string added
[   99.527133][    T9] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[   99.559598][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   99.584682][    T9] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[   99.603733][    T9] usb 2-1: media controller created
[   99.661596][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   99.737022][ T6048] Cannot find add_set index 0 as target
[  101.036840][    T9] zl10353_read_register: readreg error (reg=127, ret==0)
[  101.052152][    T9] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  101.061188][    T9] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  101.505898][  T789] usb 2-1: USB disconnect, device number 2
[  101.672431][  T789] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  102.081390][ T6101] bad cache= option: no%e
[  102.081390][ T6101] 
[  102.088623][ T6101] CIFS: VFS: bad cache= option: no%e
[  103.713068][ T6081] syz.3.63 (6081) used greatest stack depth: 20328 bytes left
[  112.609256][ T6192] netlink: 'syz.3.92': attribute type 10 has an invalid length.
[  112.622016][ T6192] netlink: 40 bytes leftover after parsing attributes in process `syz.3.92'.
[  112.692185][ T6192] team0: Port device geneve0 added
[  114.908993][ T6216] netlink: 132 bytes leftover after parsing attributes in process `syz.3.99'.
[  115.052904][ T6225] netlink: 'syz.0.102': attribute type 1 has an invalid length.
[  115.114752][ T6225] 8021q: adding VLAN 0 to HW filter on device bond1
[  115.252076][ T6225] bond1: entered allmulticast mode
[  116.044385][ T6225] bond1: (slave ip6gretap1): making interface the new active one
[  116.052177][ T6225] ip6gretap1: entered allmulticast mode
[  116.090709][ T6225] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  116.576490][ T6248] netlink: 24 bytes leftover after parsing attributes in process `syz.1.109'.
[  117.695978][ T6259] loop3: detected capacity change from 0 to 8
[  118.493154][ T6259] SQUASHFS error: Failed to read block 0x4de: -5
[  118.528395][ T6259] SQUASHFS error: Failed to read block 0x4de: -5
[  118.546789][ T6259] SQUASHFS error: Failed to read block 0x4de: -5
[  118.567186][ T6259] SQUASHFS error: Failed to read block 0x4de: -5
[  118.598013][ T6259] SQUASHFS error: Failed to read block 0x4de: -5
[  119.031349][   T28] kauditd_printk_skb: 18 callbacks suppressed
[  119.031418][   T28] audit: type=1800 audit(1770649159.846:37): pid=6259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.112" name="file1" dev="loop3" ino=5 res=0 errno=0
[  119.098072][   T28] audit: type=1326 audit(1770649159.866:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6258 comm="syz.3.112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  119.318512][   T28] audit: type=1326 audit(1770649160.176:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6258 comm="syz.3.112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  120.226848][ T6288] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  120.253533][ T6288] CIFS mount error: No usable UNC path provided in device string!
[  120.253533][ T6288] 
[  120.263864][ T6288] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  120.852740][ T6300] netlink: 4 bytes leftover after parsing attributes in process `syz.3.121'.
[  121.740313][ T6308] binder_alloc: 6304: binder_alloc_buf, no vma
[  124.402315][ T6327] binder: 6326:6327 ioctl c0306201 0 returned -14
[  129.405283][ T6359] UBIFS error (pid: 6359): cannot open "./file0", error -22
[  129.533049][ T6366] netlink: 'syz.2.142': attribute type 10 has an invalid length.
[  129.623379][ T6366] 8021q: adding VLAN 0 to HW filter on device team0
[  129.650547][ T6366] team_slave_0: entered promiscuous mode
[  129.656560][ T6366] team_slave_1: entered promiscuous mode
[  129.976329][ T6366] bond0: (slave team0): Enslaving as an active interface with an up link
[  130.014029][ T6367] netlink: 'syz.2.142': attribute type 10 has an invalid length.
[  130.440750][ T6378] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  131.102597][ T6370] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  131.131943][   T28] audit: type=1326 audit(1770649172.126:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  131.226628][ T6370] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  131.248755][   T28] audit: type=1326 audit(1770649172.126:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  131.323576][   T28] audit: type=1326 audit(1770649172.126:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  131.357773][   T28] audit: type=1326 audit(1770649172.126:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  131.421488][   T28] audit: type=1326 audit(1770649172.156:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  131.469328][   T28] audit: type=1326 audit(1770649172.156:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe760b5b84e code=0x7ffc0000
[  131.500963][   T28] audit: type=1326 audit(1770649172.156:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  131.523937][   T28] audit: type=1326 audit(1770649172.156:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  131.546600][   T28] audit: type=1326 audit(1770649172.156:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  131.603940][   T28] audit: type=1326 audit(1770649172.166:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6380 comm="syz.3.146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  133.014672][ T6394] netlink: 24 bytes leftover after parsing attributes in process `syz.0.149'.
[  133.096182][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  133.112798][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  137.961252][ T6430] sched: RT throttling activated
[  140.164284][ T6437] Zero length message leads to an empty skb
[  142.339928][ T6464] netlink: 'syz.1.169': attribute type 1 has an invalid length.
[  142.422507][ T6464] bond1: entered promiscuous mode
[  142.440559][ T6464] 8021q: adding VLAN 0 to HW filter on device bond1
[  143.426981][ T6470] bond1: (slave bridge1): making interface the new active one
[  143.435864][ T6470] bridge1: entered promiscuous mode
[  143.442246][ T6470] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  149.229117][ T6503] syz_tun: entered allmulticast mode
[  149.251360][ T6503] netlink: 4 bytes leftover after parsing attributes in process `syz.2.181'.
[  149.301912][ T6503] syz_tun (unregistering): left allmulticast mode
[  149.329108][ T6503] bond0: (slave syz_tun): Releasing backup interface
[  149.570206][ T6510] loop0: detected capacity change from 0 to 2048
[  149.703924][ T6511] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  149.850287][ T6513] netlink: 'syz.2.184': attribute type 4 has an invalid length.
[  149.938909][ T6510] debugfs: Directory 'netdev:nicvf0' with parent 'phy7' already present!
[  152.664871][ T6530] sctp: failed to load transform for md5: -2
[  153.229608][ T6542] netlink: 12 bytes leftover after parsing attributes in process `syz.2.190'.
[  153.329105][ T6545] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  153.417801][ T6542] netlink: 63 bytes leftover after parsing attributes in process `syz.2.190'.
[  153.506127][ T6543] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  153.788417][ T6551] netlink: 4 bytes leftover after parsing attributes in process `syz.2.192'.
[  153.840785][ T6553] loop0: detected capacity change from 0 to 512
[  154.178645][ T6553] EXT4-fs error (device loop0): ext4_xattr_inode_iget:441: inode #11: comm syz.0.201: iget: bad extra_isize 90 (inode size 256)
[  154.656972][ T6553] EXT4-fs (loop0): Remounting filesystem read-only
[  155.198692][ T6553] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  155.291971][ T6553] EXT4-fs warning (device loop0): ext4_evict_inode:255: couldn't mark inode dirty (err -5)
[  155.334095][ T6553] EXT4-fs (loop0): 1 orphan inode deleted
[  155.352005][ T6553] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.045456][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.871810][ T6598] cgroup: Setting release_agent not allowed
[  167.824239][ T6670] capability: warning: `syz.1.223' uses deprecated v2 capabilities in a way that may be insecure
[  168.967480][ T6681] netlink: 24 bytes leftover after parsing attributes in process `syz.2.227'.
[  169.029092][ T6682] tipc: Started in network mode
[  169.040101][ T6682] tipc: Node identity ac14140f, cluster identity 4711
[  169.059507][ T6682] tipc: New replicast peer: 255.255.255.255
[  169.086604][ T6682] tipc: Enabled bearer <udp:syz2>, priority 10
[  169.185973][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.2.227'.
[  169.212715][ T6686] netlink: 12 bytes leftover after parsing attributes in process `syz.0.226'.
[  169.239226][ T6686] tipc: Disabling bearer <udp:syz2>
[  171.621877][ T6707] netlink: 12 bytes leftover after parsing attributes in process `syz.1.230'.
[  180.363664][ T6775] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  180.876164][ T6779] sctp: failed to load transform for md5: -2
[  181.231821][ T6793] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  181.344530][ T6793] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  184.371928][ T6835] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  184.420203][ T6835] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  184.596118][ T6842] mmap: syz.1.265 (6842) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  185.310743][ T6847] syz.2.266 uses obsolete (PF_INET,SOCK_PACKET)
[  185.506616][ T6855] fuse: Bad value for 'fd'
[  185.512530][ T6855] 9pnet_fd: Insufficient options for proto=fd
[  185.839510][ T6861] Invalid ELF header magic: != ELF
[  188.852230][ T6897] virtio-fs: tag </dev/md0> not found
[  189.263858][ T6901] netlink: 4 bytes leftover after parsing attributes in process `syz.0.293'.
[  189.272695][ T6901] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  189.280447][ T6901] batman_adv: batadv0: Removing interface: batadv_slave_0
[  189.289972][ T6901] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  189.297497][ T6901] batman_adv: batadv0: Removing interface: batadv_slave_1
[  191.613565][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  191.619672][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  191.625759][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  191.631764][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  191.844944][ T6937] netlink: 8 bytes leftover after parsing attributes in process `syz.3.296'.
[  191.946603][ T6937] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  192.001419][ T6941] netlink: 'syz.0.297': attribute type 4 has an invalid length.
[  193.292902][ T6955] netlink: 4 bytes leftover after parsing attributes in process `syz.3.300'.
[  193.301831][ T6955] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  193.309469][ T6955] batman_adv: batadv0: Removing interface: batadv_slave_0
[  193.323334][ T6955] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  193.331180][ T6955] batman_adv: batadv0: Removing interface: batadv_slave_1
[  194.179315][ T6961] fuse: Invalid rootmode
[  195.214167][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  195.222046][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  196.370381][ T6988] Process accounting resumed
[  197.970042][ T7007] loop0: detected capacity change from 0 to 128
[  198.008355][ T7010] tipc: Started in network mode
[  198.013251][ T7010] tipc: Node identity ac14140f, cluster identity 4711
[  198.021346][ T7010] tipc: New replicast peer: 255.255.255.255
[  198.042009][ T7010] tipc: Enabled bearer <udp:syz2>, priority 10
[  198.075795][ T7014] netlink: 12 bytes leftover after parsing attributes in process `syz.2.318'.
[  198.101457][ T7007] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  198.117482][ T7014] tipc: Disabling bearer <udp:syz2>
[  199.044910][ T7007] ext4 filesystem being mounted at /77/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  200.135682][ T5769] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  200.512101][ T7041] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  200.632696][ T7043] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  201.962474][ T7062] netlink: 'syz.1.329': attribute type 1 has an invalid length.
[  203.945702][ T7083] xt_TCPMSS: Only works on TCP SYN packets
[  206.516025][ T7114] netlink: 'syz.0.345': attribute type 9 has an invalid length.
[  208.498647][ T7120] syz.1.348 (7120) used greatest stack depth: 20272 bytes left
[  209.868261][ T7156] tipc: Cannot configure node identity twice
[  210.217973][ T7163] netlink: zone id is out of range
[  210.224611][ T7163] netlink: zone id is out of range
[  210.229797][ T7163] netlink: zone id is out of range
[  210.254473][ T7163] netlink: zone id is out of range
[  210.295577][ T7163] netlink: zone id is out of range
[  210.342876][ T7163] netlink: zone id is out of range
[  210.392504][ T7163] netlink: zone id is out of range
[  210.447644][ T7163] netlink: zone id is out of range
[  210.515814][ T7163] netlink: zone id is out of range
[  210.779125][ T7163] netlink: zone id is out of range
[  211.103541][   T28] kauditd_printk_skb: 53 callbacks suppressed
[  211.103557][   T28] audit: type=1326 audit(1770649252.076:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7167 comm="syz.1.364" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9b1c59af79 code=0x0
[  212.596881][ T7200] netlink: 12 bytes leftover after parsing attributes in process `syz.0.368'.
[  219.420786][ T7273] netlink: 'syz.0.381': attribute type 1 has an invalid length.
[  222.509832][ T5780] Bluetooth: hci1: unexpected event for opcode 0x0c1c
[  222.744957][ T7312] netlink: 'syz.0.394': attribute type 27 has an invalid length.
[  223.245636][ T7312] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.254466][ T7312] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.623741][ T5780] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  226.632737][ T5780] Bluetooth: hci1: Injecting HCI hardware error event
[  226.642283][ T5086] Bluetooth: hci1: hardware error 0x00
[  227.161694][ T7339] netlink: 4096 bytes leftover after parsing attributes in process `syz.3.400'.
[  227.171537][ T7339] net_ratelimit: 24 callbacks suppressed
[  227.171567][ T7339] openvswitch: netlink: ct_state flags 00030000 unsupported
[  227.436976][ T7312] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  227.470591][ T7312] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  227.492765][ T7312] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  227.520464][ T7312] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  227.836111][ T7312] bond1: left allmulticast mode
[  227.841048][ T7312] ip6gretap1: left allmulticast mode
[  228.072038][ T7363] syzkaller0: entered promiscuous mode
[  228.086062][ T7363] syzkaller0: entered allmulticast mode
[  229.704343][ T5086] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  231.694921][ T7398] loop0: detected capacity change from 0 to 2048
[  231.758531][ T7398] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found!
[  232.470595][ T7398] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  236.353601][ T7459] overlayfs: failed to clone lowerpath
[  236.633701][ T7349] usb 1-1: new low-speed USB device number 2 using dummy_hcd
[  236.833291][ T5780] Bluetooth: hci2: unexpected event for opcode 0x2043
[  237.510092][ T7349] usb 1-1: unable to get BOS descriptor or descriptor too short
[  237.523657][ T7349] usb 1-1: unable to read config index 0 descriptor/start: -71
[  237.534468][ T7349] usb 1-1: can't read configurations, error -71
[  240.546838][ T7498] loop0: detected capacity change from 0 to 2048
[  240.603164][ T7498] UDF-fs: bad mount option "nmæ¨äõÄÆÙ" or missing value
[  240.736847][ T7502] netlink: 60 bytes leftover after parsing attributes in process `syz.1.438'.
[  240.883950][ T5780] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  240.894179][ T5780] Bluetooth: hci2: Injecting HCI hardware error event
[  240.902272][ T5780] Bluetooth: hci2: hardware error 0x00
[  240.922671][ T7504] tipc: Enabled bearer <udp:syz2>, priority 10
[  240.973852][ T7504] netlink: 104 bytes leftover after parsing attributes in process `syz.2.441'.
[  241.007346][ T7504] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  241.017972][ T7504] tipc: Enabled bearer <udp:syz0>, priority 10
[  242.036505][ T7345] tipc: Node number set to 2886997007
[  242.673873][ T7522] x_tables: ip6_tables: sctp match: only valid for protocol 132
[  242.969330][ T5780] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  244.216341][ T7539] syzkaller0: entered promiscuous mode
[  244.222064][ T7539] syzkaller0: entered allmulticast mode
[  253.929244][ T7626] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  253.936967][ T7626] IPv6: NLM_F_CREATE should be set when creating new route
[  253.974701][ T7626] lo: entered allmulticast mode
[  254.031884][ T7626] tunl0: entered allmulticast mode
[  254.078676][ T7626] gre0: entered allmulticast mode
[  254.255492][ T7626] gretap0: entered allmulticast mode
[  254.326676][ T7626] erspan0: entered allmulticast mode
[  254.352518][ T7626] ip_vti0: entered allmulticast mode
[  254.375927][ T7626] ip6_vti0: entered allmulticast mode
[  254.401615][ T7626] sit0: entered allmulticast mode
[  254.466516][ T7626] ip6tnl0: entered allmulticast mode
[  254.498878][ T7626] ip6gre0: entered allmulticast mode
[  254.524686][ T7626] syz_tun: entered allmulticast mode
[  254.538571][ T7626] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.547131][ T7626] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.570259][ T7626] bridge0: entered allmulticast mode
[  254.607903][ T7626] vcan0: entered allmulticast mode
[  254.615796][ T7626] bond0: entered allmulticast mode
[  254.621051][ T7626] bond_slave_0: entered allmulticast mode
[  254.627440][ T7626] bond_slave_1: entered allmulticast mode
[  254.647392][ T7626] team0: entered allmulticast mode
[  254.652577][ T7626] team_slave_0: entered allmulticast mode
[  254.658518][ T7626] team_slave_1: entered allmulticast mode
[  254.666074][ T7626] geneve0: entered allmulticast mode
[  254.690936][ T7626] dummy0: entered allmulticast mode
[  254.709448][ T7626] nlmon0: entered allmulticast mode
[  254.722653][ T7626] caif0: entered allmulticast mode
[  254.736770][ T7626] vxcan0: entered allmulticast mode
[  254.747551][ T7626] vxcan1: entered allmulticast mode
[  254.759738][ T7626] veth0: entered allmulticast mode
[  254.780045][ T7626] veth1: entered allmulticast mode
[  254.798384][ T7626] wg0: entered allmulticast mode
[  254.813368][ T7626] wg1: entered allmulticast mode
[  254.828274][ T7626] wg2: entered allmulticast mode
[  254.841868][ T7626] veth0_to_bridge: entered allmulticast mode
[  254.870395][ T7626] veth1_to_bridge: entered allmulticast mode
[  254.900361][ T7626] veth0_to_bond: entered allmulticast mode
[  254.924130][ T7626] veth1_to_bond: entered allmulticast mode
[  254.947324][ T7626] veth0_to_team: entered allmulticast mode
[  254.974265][ T7626] veth1_to_team: entered allmulticast mode
[  255.002223][ T7626] veth0_to_batadv: entered allmulticast mode
[  255.020975][ T7626] batadv_slave_0: entered allmulticast mode
[  255.040844][ T7626] veth1_to_batadv: entered allmulticast mode
[  255.053183][ T7626] batadv_slave_1: entered allmulticast mode
[  255.079265][ T7626] xfrm0: entered allmulticast mode
[  255.097716][ T7626] veth0_to_hsr: entered allmulticast mode
[  255.117941][ T7626] hsr_slave_0: entered allmulticast mode
[  255.137956][ T7626] veth1_to_hsr: entered allmulticast mode
[  255.159309][ T7626] hsr_slave_1: entered allmulticast mode
[  255.175144][ T7626] hsr0: entered allmulticast mode
[  255.185407][ T7626] veth1_virt_wifi: entered allmulticast mode
[  255.197677][ T7626] veth0_virt_wifi: entered allmulticast mode
[  255.210242][ T7626] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  255.219216][ T7626] veth1_vlan: entered allmulticast mode
[  255.232774][ T7626] veth0_vlan: entered allmulticast mode
[  255.258157][ T7626] vlan0: entered allmulticast mode
[  255.264179][ T7626] vlan1: entered allmulticast mode
[  255.276709][ T7626] macvlan0: entered allmulticast mode
[  255.295560][ T7626] macvlan1: entered allmulticast mode
[  255.304692][ T7626] ipvlan0: entered allmulticast mode
[  255.310416][ T7626] ipvlan1: entered allmulticast mode
[  255.317263][ T7626] veth1_macvtap: entered allmulticast mode
[  255.327348][ T7626] veth0_macvtap: entered allmulticast mode
[  255.338432][ T7626] macvtap0: entered allmulticast mode
[  255.351092][ T7626] macsec0: entered allmulticast mode
[  255.372816][ T7626] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.381877][ T7626] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.391521][ T7626] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.400768][ T7626] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.411750][ T7626] geneve1: entered allmulticast mode
[  255.426143][ T7626] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  255.436389][ T7626] netdevsim netdevsim3 netdevsim1: entered allmulticast mode
[  255.461981][ T7626] netdevsim netdevsim3 netdevsim2: entered allmulticast mode
[  255.478706][ T7626] netdevsim netdevsim3 netdevsim3: entered allmulticast mode
[  255.500344][ T7626] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[  255.516059][ T7626] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  256.299918][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  256.318555][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  257.184445][ T5780] Bluetooth: hci0: unexpected event for opcode 0x080d
[  257.921084][ T7671] netlink: 2 bytes leftover after parsing attributes in process `syz.3.483'.
[  260.451846][ T7682] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -30507, delta: 1
[  260.868278][ T7697] netlink: 'syz.2.489': attribute type 3 has an invalid length.
[  261.061651][ T7682] ref_ctr increment failed for inode: 0x28d offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888077b52600
[  261.243047][ T5780] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  261.251914][ T5780] Bluetooth: hci0: Injecting HCI hardware error event
[  261.260536][ T5086] Bluetooth: hci0: hardware error 0x00
[  261.328236][ T7687] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -30507, delta: -1
[  261.339914][ T7687] ref_ctr decrement failed for inode: 0x28d offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888077b52600
[  261.531700][ T7702] 9pnet: p9_errstr2errno: server reported unknown error aaaaaaaaaa
[  263.423695][ T5086] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  264.931109][ T7743] netlink: 104 bytes leftover after parsing attributes in process `syz.2.503'.
[  266.925134][ T7761] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[  267.675698][ T7755] overlayfs: failed to clone upperpath
[  269.420057][ T7785] x_tables: ip_tables: osf match: only valid for protocol 6
[  271.832875][ T7814] ipt_REJECT: ECHOREPLY no longer supported.
[  271.917672][ T5780] Bluetooth: hci3: command 0x0406 tx timeout
[  275.263752][   T23] IPVS: starting estimator thread 0...
[  275.373774][ T7831] IPVS: using max 18 ests per chain, 43200 per kthread
[  276.493687][ T7842] xt_TPROXY: Can be used only with -p tcp or -p udp
[  280.308929][ T7866] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  280.317152][ T7869] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  284.390316][ T7917] loop0: detected capacity change from 0 to 512
[  284.426268][ T7917] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  284.445347][ T7917] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  284.481731][ T7917] EXT4-fs error (device loop0): ext4_orphan_get:1424: comm syz.0.544: bad orphan inode 131083
[  284.500049][ T7917] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.585081][ T7922] netlink: 'syz.1.543': attribute type 3 has an invalid length.
[  286.403238][ T7939] netlink: 'syz.1.547': attribute type 11 has an invalid length.
[  286.411222][ T7939] netlink: 36 bytes leftover after parsing attributes in process `syz.1.547'.
[  287.307935][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.189467][ T7953] netlink: 104 bytes leftover after parsing attributes in process `syz.1.560'.
[  292.397147][   T42] Bluetooth: (null): Invalid header checksum
[  292.426884][   T42] Bluetooth: (null): Invalid header checksum
[  292.432981][   T42] Bluetooth: (null): Invalid header checksum
[  292.490243][   T42] Bluetooth: (null): Invalid header checksum
[  292.515393][   T42] Bluetooth: (null): Invalid header checksum
[  292.521489][   T42] Bluetooth: (null): Invalid header checksum
[  292.578151][   T42] Bluetooth: (null): Invalid header checksum
[  292.585122][   T42] Bluetooth: (null): Invalid header checksum
[  292.591864][   T42] Bluetooth: (null): Invalid header checksum
[  292.899456][ T8000] netlink: 'syz.0.566': attribute type 1 has an invalid length.
[  293.011995][ T8002] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[  293.045831][ T8002] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[  293.076297][ T8002] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[  293.107381][ T8002] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[  293.140951][ T8002] bond2: (slave geneve2): making interface the new active one
[  293.159532][ T8002] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  293.179841][ T8000] netlink: 28 bytes leftover after parsing attributes in process `syz.0.566'.
[  293.212651][ T8000] 8021q: adding VLAN 0 to HW filter on device bond2
[  295.222825][ T8029] netlink: 28 bytes leftover after parsing attributes in process `syz.2.572'.
[  299.302083][ T8066] loop0: detected capacity change from 0 to 1024
[  299.338026][ T8066] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  303.243428][   T28] audit: type=1326 audit(3918132992.236:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8098 comm="syz.3.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  303.433680][   T28] audit: type=1326 audit(3918132992.236:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8098 comm="syz.3.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  303.457328][   T28] audit: type=1326 audit(3918132992.236:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8098 comm="syz.3.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  303.483094][   T28] audit: type=1326 audit(3918132992.236:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8098 comm="syz.3.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  304.198177][   T28] audit: type=1326 audit(3918132992.236:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8098 comm="syz.3.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  304.255815][   T28] audit: type=1326 audit(3918132992.236:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8098 comm="syz.3.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  305.117213][   T28] audit: type=1326 audit(3918132992.246:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8098 comm="syz.3.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  305.146747][   T28] audit: type=1326 audit(3918132992.246:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8098 comm="syz.3.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  305.172858][   T28] audit: type=1326 audit(3918132992.246:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8098 comm="syz.3.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  305.391790][   T28] audit: type=1326 audit(3918132992.246:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8098 comm="syz.3.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe760b9af79 code=0x7ffc0000
[  312.139359][ T8166] xt_CT: You must specify a L4 protocol and not use inversions on it
[  313.956330][ T8182] syzkaller0: entered promiscuous mode
[  314.022686][ T8182] syzkaller0: entered allmulticast mode
[  315.594284][ T8203] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  318.224541][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  318.230875][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  319.782271][ T8239] loop0: detected capacity change from 0 to 1024
[  321.385734][ T8252] loop0: detected capacity change from 0 to 1024
[  321.408610][ T8252] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  321.431427][ T8252] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  321.443222][ T8252] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  321.455695][ T8252] EXT4-fs (loop0): orphan cleanup on readonly fs
[  321.466354][ T8252] EXT4-fs error (device loop0): ext4_read_inode_bitmap:168: comm syz.0.633: Inode bitmap for bg 0 marked uninitialized
[  321.482783][ T8252] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  322.684846][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.848889][ T8267] netlink: 20 bytes leftover after parsing attributes in process `syz.1.645'.
[  326.010368][ T8302] netlink: 'syz.2.646': attribute type 4 has an invalid length.
[  328.454254][ T8319] warning: `syz.2.652' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  330.606333][   T28] kauditd_printk_skb: 67 callbacks suppressed
[  330.606346][   T28] audit: type=1326 audit(3918133019.606:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.0.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  330.652207][   T28] audit: type=1326 audit(3918133019.606:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.0.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  330.679110][   T28] audit: type=1326 audit(3918133019.606:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.0.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  330.787001][   T28] audit: type=1326 audit(3918133019.606:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.0.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  331.109793][   T28] audit: type=1326 audit(3918133019.606:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.0.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  331.240998][   T28] audit: type=1326 audit(3918133019.606:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.0.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  331.442589][   T28] audit: type=1326 audit(3918133019.616:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.0.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  331.465141][   T28] audit: type=1326 audit(3918133019.616:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.0.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  331.873168][   T28] audit: type=1326 audit(3918133019.616:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.0.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  332.198035][   T28] audit: type=1326 audit(3918133019.626:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.0.657" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  334.535101][ T8373] syzkaller0: entered promiscuous mode
[  334.540625][ T8373] syzkaller0: entered allmulticast mode
[  334.604584][ T8375] fuse: Bad value for 'fd'
[  335.001147][ T8379] loop0: detected capacity change from 0 to 4096
[  337.155111][   T28] kauditd_printk_skb: 55 callbacks suppressed
[  337.155163][   T28] audit: type=1800 audit(3918133026.136:246): pid=8379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.672" name="file1" dev="loop0" ino=33 res=0 errno=0
[  338.382615][ T8401] loop0: detected capacity change from 0 to 2048
[  338.408463][ T8401] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  342.077329][ T8428] netlink: 32 bytes leftover after parsing attributes in process `syz.2.683'.
[  342.118216][ T8428] netlink: 32 bytes leftover after parsing attributes in process `syz.2.683'.
[  345.036924][ T8453] capability: warning: `syz.1.694' uses 32-bit capabilities (legacy support in use)
[  345.119327][ T8454] tmpfs: Bad value for 'huge'
[  347.444379][ T8465] netlink: 8 bytes leftover after parsing attributes in process `syz.1.697'.
[  349.637039][ T5780] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  349.649266][ T5780] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  349.657909][ T5780] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  349.666429][ T5780] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  349.709414][ T5780] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  349.717331][ T5780] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  349.817446][ T8482] atomic_op ffff88807d700198 conn xmit_atomic 0000000000000000
[  351.768480][ T5780] Bluetooth: hci2: command tx timeout
[  351.982356][ T8479] chnl_net:caif_netlink_parms(): no params data found
[  352.153549][ T8506] netlink: 'syz.2.707': attribute type 10 has an invalid length.
[  352.331055][ T8479] bridge0: port 1(bridge_slave_0) entered blocking state
[  353.655202][ T8479] bridge0: port 1(bridge_slave_0) entered disabled state
[  353.691066][ T8479] bridge_slave_0: entered allmulticast mode
[  353.713708][ T8479] bridge_slave_0: entered promiscuous mode
[  353.822958][ T8515] netlink: 176 bytes leftover after parsing attributes in process `syz.2.707'.
[  353.844325][ T5780] Bluetooth: hci2: command tx timeout
[  353.850094][ T8479] bridge0: port 2(bridge_slave_1) entered blocking state
[  353.896965][ T8479] bridge0: port 2(bridge_slave_1) entered disabled state
[  353.925249][ T8479] bridge_slave_1: entered allmulticast mode
[  353.984171][ T8479] bridge_slave_1: entered promiscuous mode
[  354.202318][ T8479] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  354.232499][ T8479] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  354.463262][ T8479] team0: Port device team_slave_0 added
[  354.554498][ T8479] team0: Port device team_slave_1 added
[  354.632569][ T8479] batman_adv: batadv0: Adding interface: batadv_slave_0
[  354.685240][ T8479] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.749850][ T8479] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  354.762812][ T8479] batman_adv: batadv0: Adding interface: batadv_slave_1
[  354.769869][ T8479] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.797171][ T8479] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  355.689821][ T8479] hsr_slave_0: entered promiscuous mode
[  355.707771][ T8479] hsr_slave_1: entered promiscuous mode
[  355.736719][ T8479] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  355.770927][ T8479] Cannot create hsr debugfs directory
[  355.777693][ T8537] netlink: 'syz.1.712': attribute type 1 has an invalid length.
[  355.843918][ T8537] 8021q: adding VLAN 0 to HW filter on device bond2
[  355.875976][ T8538] vlan2: entered promiscuous mode
[  355.897490][ T8538] bond2: entered promiscuous mode
[  355.924879][ T8538] vlan2: entered allmulticast mode
[  355.930132][ T8538] bond2: entered allmulticast mode
[  355.942256][ T5780] Bluetooth: hci2: command tx timeout
[  356.000981][ T8544] netlink: 8 bytes leftover after parsing attributes in process `syz.1.712'.
[  356.240830][ T8544] bond2: (slave bridge2): making interface the new active one
[  356.326106][ T8544] bridge2: entered promiscuous mode
[  356.407147][ T8544] bridge2: entered allmulticast mode
[  356.519410][ T8544] bond2: (slave bridge2): Enslaving as an active interface with an up link
[  357.372318][   T11] hsr_slave_0: left promiscuous mode
[  357.451383][ T8565] ptrace attach of "./syz-executor exec"[5767] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  357.486107][   T11] hsr_slave_1: left promiscuous mode
[  358.011078][ T5780] Bluetooth: hci2: command tx timeout
[  358.135967][   T11] bridge_slave_1: left promiscuous mode
[  358.143953][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  358.205664][   T11] bridge_slave_0: left promiscuous mode
[  358.220437][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  359.223513][   T11] team0 (unregistering): Port device geneve0 removed
[  361.717445][   T11] team0 (unregistering): Port device team_slave_1 removed
[  361.758347][   T11] team0 (unregistering): Port device team_slave_0 removed
[  361.799764][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  361.841184][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  362.126896][   T11] bond0 (unregistering): Released all slaves
[  362.578604][ T8611] loop0: detected capacity change from 0 to 128
[  362.614607][ T8611] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  362.693224][ T8611] ext4 filesystem being mounted at /173/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  362.881025][ T8479] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  362.952171][ T8479] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  362.999535][ T8479] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  363.447694][ T8479] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  363.811175][ T5769] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  364.157645][ T8479] 8021q: adding VLAN 0 to HW filter on device bond0
[  364.237697][ T8479] 8021q: adding VLAN 0 to HW filter on device team0
[  364.268749][ T3447] bridge0: port 1(bridge_slave_0) entered blocking state
[  364.276022][ T3447] bridge0: port 1(bridge_slave_0) entered forwarding state
[  364.332086][ T3486] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.339354][ T3486] bridge0: port 2(bridge_slave_1) entered forwarding state
[  364.734218][ T8653] netlink: 'syz.2.734': attribute type 9 has an invalid length.
[  364.742067][ T8653] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.734'.
[  364.987942][ T8655] netlink: 8 bytes leftover after parsing attributes in process `syz.0.735'.
[  366.757897][ T8479] 8021q: adding VLAN 0 to HW filter on device batadv0
[  367.197414][ T8687] siw: device registration error -23
[  370.362453][ T8712] netlink: 'syz.2.744': attribute type 1 has an invalid length.
[  370.429185][ T8712] bond3: entered promiscuous mode
[  370.443829][ T8712] 8021q: adding VLAN 0 to HW filter on device bond3
[  370.478617][ T8714] netlink: 28 bytes leftover after parsing attributes in process `syz.2.744'.
[  370.527658][ T8714] bond3: entered allmulticast mode
[  370.650208][ T8712] bond3: (slave bridge2): making interface the new active one
[  370.668344][ T8712] bridge2: entered promiscuous mode
[  370.683519][ T8712] bridge2: entered allmulticast mode
[  370.694841][ T8712] bond3: (slave bridge2): Enslaving as an active interface with an up link
[  370.715621][ T8479] veth0_vlan: entered promiscuous mode
[  370.750786][ T8479] veth1_vlan: entered promiscuous mode
[  370.850222][ T8479] veth0_macvtap: entered promiscuous mode
[  370.872259][ T8479] veth1_macvtap: entered promiscuous mode
[  370.969747][ T8479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  371.033623][ T8479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.063558][ T8479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  371.083426][ T8479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.603633][ T8479] batman_adv: batadv0: Interface activated: batadv_slave_0
[  372.013890][ T8479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.050561][ T8479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.069935][ T8479] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  372.092411][ T8479] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  372.130565][ T8479] batman_adv: batadv0: Interface activated: batadv_slave_1
[  372.162585][ T8479] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  372.186474][ T8479] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  372.195797][ T8479] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  372.204925][ T8479] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  373.345437][ T3561] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.453518][ T3561] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.569409][ T3561] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.597114][ T3561] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.722049][ T8766] Driver unsupported XDP return value 0 on prog  (id 90) dev N/A, expect packet loss!
[  373.938417][   T23] IPVS: starting estimator thread 0...
[  373.951753][ T8776] IPVS: rr: FWM 3 0x00000003 - no destination available
[  374.048376][ T8777] IPVS: using max 19 ests per chain, 45600 per kthread
[  374.449869][ T8781] loop4: detected capacity change from 0 to 512
[  374.708471][ T8781] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  374.885960][ T8781] EXT4-fs (loop4): 1 truncate cleaned up
[  374.894828][ T8781] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  374.967580][ T8789] netlink: 12 bytes leftover after parsing attributes in process `syz.0.758'.
[  375.668464][ T8794] bond3: (slave syz_tun): Enslaving as an active interface with an up link
[  375.900277][ T8479] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.288057][ T8831] xt_cluster: node mask cannot exceed total number of nodes
[  380.086537][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  380.092872][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  383.258443][ T8882] netlink: 201392 bytes leftover after parsing attributes in process `syz.0.768'.
[  388.892274][ T8921] netlink: 8 bytes leftover after parsing attributes in process `syz.2.786'.
[  394.693855][   T23] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  394.903538][   T23] usb 1-1: Using ep0 maxpacket: 8
[  394.914643][   T23] usb 1-1: config 0 interface 0 altsetting 41 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  394.928383][   T23] usb 1-1: config 0 interface 0 has no altsetting 0
[  394.935332][   T23] usb 1-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00
[  394.949423][   T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  395.003297][   T23] usb 1-1: config 0 descriptor??
[  395.854191][   T23] usbhid 1-1:0.0: can't add hid device: -71
[  395.860256][   T23] usbhid: probe of 1-1:0.0 failed with error -71
[  395.967288][   T23] usb 1-1: USB disconnect, device number 4
[  396.085483][ T9012] syzkaller0: entered promiscuous mode
[  396.091149][ T9012] syzkaller0: entered allmulticast mode
[  396.498588][ T9019] syzkaller0: entered promiscuous mode
[  396.542871][ T9019] syzkaller0: entered allmulticast mode
[  398.142883][ T9043] loop4: detected capacity change from 0 to 2048
[  398.197492][ T9043] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  401.386373][ T9055] loop0: detected capacity change from 0 to 512
[  401.436836][ T9055] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  401.461639][ T9056] wireguard: wg1: Could not create IPv4 socket
[  402.143582][ T9055] EXT4-fs (loop0): 1 truncate cleaned up
[  402.182098][ T9055] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  402.904660][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.266520][ T9086] netlink: 4 bytes leftover after parsing attributes in process `syz.4.819'.
[  404.496707][ T9097] syz.1.822 (9097) used greatest stack depth: 17864 bytes left
[  404.925353][ T9109] netlink: 40 bytes leftover after parsing attributes in process `syz.0.824'.
[  406.986887][ T9129] loop0: detected capacity change from 0 to 128
[  407.004965][ T9129] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  407.066911][ T9125] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  407.180254][ T9129] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  407.296126][ T9129] vfat filesystem being mounted at /200/bus supports timestamps until 2107-12-31 (0x10391447e)
[  408.116483][   T59] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  408.464549][ T9142] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  408.473675][ T9142] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  408.482422][ T9142] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  408.491341][ T9142] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  409.573697][ T9147] loop0: detected capacity change from 0 to 40427
[  409.625247][ T9147] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  409.632722][ T9147] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  409.658745][ T9147] F2FS-fs (loop0): invalid crc value
[  410.576349][ T9147] F2FS-fs (loop0): Found nat_bits in checkpoint
[  411.526301][ T9147] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  411.533957][ T9147] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  414.419892][   T28] audit: type=1326 audit(3918133103.416:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9183 comm="syz.0.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  414.473484][   T28] audit: type=1326 audit(3918133103.416:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9183 comm="syz.0.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  414.567128][   T28] audit: type=1326 audit(3918133103.416:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9183 comm="syz.0.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  414.691996][   T28] audit: type=1326 audit(3918133103.416:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9183 comm="syz.0.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  414.734984][   T28] audit: type=1326 audit(3918133103.416:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9183 comm="syz.0.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  415.230362][   T28] audit: type=1326 audit(3918133103.416:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9183 comm="syz.0.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  415.463402][   T28] audit: type=1326 audit(3918133103.416:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9183 comm="syz.0.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  415.549429][   T28] audit: type=1326 audit(3918133103.416:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9183 comm="syz.0.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  415.592855][   T28] audit: type=1326 audit(3918133103.416:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9183 comm="syz.0.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  415.623466][   T28] audit: type=1326 audit(3918133103.416:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9183 comm="syz.0.845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f476819af79 code=0x7ffc0000
[  417.247741][ T9207] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  430.532557][ T9354] netlink: 4 bytes leftover after parsing attributes in process `syz.0.869'.
[  430.657835][ T9354] netlink: 4 bytes leftover after parsing attributes in process `syz.0.869'.
[  431.948633][ T9380] netlink: 184 bytes leftover after parsing attributes in process `syz.1.874'.
[  432.428451][ T9380] bond0: entered allmulticast mode
[  432.582929][ T9380] bond_slave_0: entered allmulticast mode
[  432.600455][ T9380] bond_slave_1: entered allmulticast mode
[  434.471010][ T9405] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  434.529670][ T9406] syzkaller0: entered promiscuous mode
[  434.556728][ T9406] syzkaller0: entered allmulticast mode
[  434.900090][ T9406] tipc: Resetting bearer <eth:syzkaller0>
[  435.168566][ T9418] netlink: 8 bytes leftover after parsing attributes in process `syz.1.880'.
[  435.219426][ T9404] tipc: Resetting bearer <eth:syzkaller0>
[  435.639406][ T9404] tipc: Disabling bearer <eth:syzkaller0>
[  435.669677][ T5891] tipc: Node number set to 2886997007
[  437.222123][ T9437] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  438.214100][ T9455] loop0: detected capacity change from 0 to 512
[  438.723437][ T9455] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  438.736667][ T9455] ext4 filesystem being mounted at /214/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  438.913032][ T9455] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #2: comm syz.0.894: corrupted inode contents
[  438.978352][ T9455] EXT4-fs error (device loop0): ext4_dirty_inode:6124: inode #2: comm syz.0.894: mark_inode_dirty error
[  439.021584][ T9455] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #2: comm syz.0.894: corrupted inode contents
[  439.088810][ T9459] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #2: comm syz.0.894: corrupted inode contents
[  439.113052][ T9459] EXT4-fs error (device loop0): ext4_dirty_inode:6124: inode #2: comm syz.0.894: mark_inode_dirty error
[  439.142539][ T9459] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #2: comm syz.0.894: corrupted inode contents
[  439.159516][ T9459] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz.0.894: mark_inode_dirty error
[  439.179979][ T9459] EXT4-fs error (device loop0): ext4_do_update_inode:5248: inode #2: comm syz.0.894: corrupted inode contents
[  439.203092][ T9459] EXT4-fs error (device loop0): ext4_dirty_inode:6124: inode #2: comm syz.0.894: mark_inode_dirty error
[  440.443813][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  440.450660][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  440.471049][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  444.094202][ T9505] netlink: 8 bytes leftover after parsing attributes in process `syz.4.892'.
[  456.933860][ T9642] lo speed is unknown, defaulting to 1000
[  456.939639][ T9642] lo speed is unknown, defaulting to 1000
[  456.945792][ T9642] lo speed is unknown, defaulting to 1000
[  456.957082][ T9642] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  457.611373][ T9642] lo speed is unknown, defaulting to 1000
[  457.618652][ T9642] lo speed is unknown, defaulting to 1000
[  457.625326][ T9642] lo speed is unknown, defaulting to 1000
[  457.631758][ T9642] lo speed is unknown, defaulting to 1000
[  459.661389][ T9652] lo speed is unknown, defaulting to 1000
[  460.466287][ T9661] netlink: 104 bytes leftover after parsing attributes in process `syz.2.928'.
[  463.464598][ T9684] netlink: 'syz.2.932': attribute type 4 has an invalid length.
[  463.480163][ T9684] netlink: 'syz.2.932': attribute type 4 has an invalid length.
[  464.631869][ T9690] netlink: 'syz.0.935': attribute type 12 has an invalid length.
[  466.972198][ T9705] loop0: detected capacity change from 0 to 32768
[  467.004472][ T9705] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.941 (9705)
[  468.495237][ T9705] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  468.505883][ T9705] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  468.514562][ T9705] BTRFS info (device loop0): using free space tree
[  469.626933][ T9705] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  469.629347][ T9705] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  469.638859][ T9705] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  469.648850][ T9705] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  469.658078][ T9705] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  469.667262][ T9705] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  469.677170][ T9705] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  469.686944][ T9705] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  469.696809][ T9705] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  469.706455][ T9705] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  469.716532][ T9705] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  469.726693][ T9705] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  469.745814][ T9705] BTRFS error (device loop0): open_ctree failed: -12
[  469.822038][ T9342] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by udevd (9342)
[  470.453162][   T23] IPVS: starting estimator thread 0...
[  470.563753][ T9746] IPVS: using max 17 ests per chain, 40800 per kthread
[  471.238849][ T9749] ieee802154 phy0 wpan0: encryption failed: -22
[  472.419438][ T9753] netlink: 4 bytes leftover after parsing attributes in process `syz.4.945'.
[  473.072208][ T5086] Bluetooth: hci2: command 0x0406 tx timeout
[  476.060870][   T28] kauditd_printk_skb: 27 callbacks suppressed
[  476.060885][   T28] audit: type=1326 audit(3918133165.056:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1c59af79 code=0x7ffc0000
[  476.865151][ T9788] lo speed is unknown, defaulting to 1000
[  478.028339][   T28] audit: type=1326 audit(3918133165.056:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1c59af79 code=0x7ffc0000
[  478.961208][   T28] audit: type=1326 audit(3918133165.056:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9b1c59af79 code=0x7ffc0000
[  479.085062][   T28] audit: type=1326 audit(3918133165.056:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1c59af79 code=0x7ffc0000
[  479.391374][   T28] audit: type=1326 audit(3918133165.056:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1c59af79 code=0x7ffc0000
[  479.792392][ T9805] netlink: 20 bytes leftover after parsing attributes in process `syz.1.965'.
[  479.821436][   T28] audit: type=1326 audit(3918133165.056:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9b1c59af79 code=0x7ffc0000
[  480.014585][   T28] audit: type=1326 audit(3918133165.056:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1c59af79 code=0x7ffc0000
[  480.037374][   T28] audit: type=1326 audit(3918133165.056:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1c59af79 code=0x7ffc0000
[  480.174356][   T28] audit: type=1326 audit(3918133165.086:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9b1c59af79 code=0x7ffc0000
[  480.536072][   T28] audit: type=1326 audit(3918133165.086:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9778 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b1c59af79 code=0x7ffc0000
[  480.755873][    C1] ------------[ cut here ]------------
[  480.761799][    C1] WARNING: CPU: 1 PID: 9808 at net/mac80211/tx.c:5031 __ieee80211_beacon_get+0x1233/0x1600
[  480.771881][    C1] Modules linked in:
[  480.775846][    C1] CPU: 1 PID: 9808 Comm: syz.0.967 Not tainted syzkaller #0
[  480.783141][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  480.793259][    C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  480.799639][    C1] Code: 24 4c 89 e7 e8 de 52 c2 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 39 99 84 f7 0f 0b e9 f6 f7 ff ff e8 2d 99 84 f7 <0f> 0b e9 48 fb ff ff e8 21 99 84 f7 48 c7 c7 e0 50 64 8e 4c 89 e6
[  480.819329][    C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246
[  480.825534][    C1] RAX: ffffffff8a027b83 RBX: ffffffff8a026986 RCX: ffff88802dc2da00
[  480.833556][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  480.841540][    C1] RBP: 0000000000000000 R08: ffff88802dc2da00 R09: 0000000000000003
[  480.849559][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88804409e3c0
[  480.857581][    C1] R13: dffffc0000000000 R14: ffff88804409e8b0 R15: ffff88805cb73824
[  480.865601][    C1] FS:  00007f476901a6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  480.874583][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  480.881182][    C1] CR2: 00007f9b1c5e86c0 CR3: 000000002cde1000 CR4: 00000000003506e0
[  480.889208][    C1] Call Trace:
[  480.892512][    C1]  <IRQ>
[  480.895405][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  480.900995][    C1]  ieee80211_beacon_get_tim+0xbf/0x580
[  480.906513][    C1]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  480.913337][    C1]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  480.918911][    C1]  __iterate_interfaces+0x243/0x500
[  480.924167][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  480.930430][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  480.937700][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  480.943990][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  480.951048][    C1]  mac80211_hwsim_beacon+0xbb/0x1b0
[  480.956301][    C1]  __hrtimer_run_queues+0x52a/0xc40
[  480.961529][    C1]  ? hw_scan_work+0xf60/0xf60
[  480.966267][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[  480.971396][    C1]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  480.977525][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  480.982676][    C1]  handle_softirqs+0x280/0x820
[  480.987504][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  480.992289][    C1]  ? do_softirq+0x1a0/0x1a0
[  480.996847][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  481.002071][    C1]  __irq_exit_rcu+0xd3/0x190
[  481.006719][    C1]  ? irq_exit_rcu+0x20/0x20
[  481.011254][    C1]  irq_exit_rcu+0x9/0x20
[  481.015542][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  481.021193][    C1]  </IRQ>
[  481.024160][    C1]  <TASK>
[  481.027103][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  481.033103][    C1] RIP: 0010:finish_task_switch+0x26a/0x8f0
[  481.038964][    C1] Code: 0f 84 33 01 00 00 48 85 db 0f 85 52 01 00 00 e9 de 04 00 00 4c 8b 75 d0 4c 89 e7 e8 f0 93 30 09 e8 7b 23 30 00 fb 4c 8b 65 c0 <49> 8d bc 24 f8 15 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0
[  481.058745][    C1] RSP: 0018:ffffc90005337298 EFLAGS: 00000282
[  481.064876][    C1] RAX: 561207434b40ad00 RBX: 0000000000000000 RCX: 561207434b40ad00
[  481.072872][    C1] RDX: dffffc0000000000 RSI: ffffffff8acac900 RDI: ffffffff8b1c81e0
[  481.080923][    C1] RBP: ffffc900053372f0 R08: ffffffff8e8add2f R09: 1ffffffff1d15ba5
[  481.088947][    C1] R10: dffffc0000000000 R11: fffffbfff1d15ba6 R12: ffff88802dc2da00
[  481.096975][    C1] R13: dffffc0000000000 R14: ffff88801b673c00 R15: ffff8880b8f3cac8
[  481.105011][    C1]  ? finish_task_switch+0x265/0x8f0
[  481.110242][    C1]  __schedule+0x155b/0x45a0
[  481.114918][    C1]  ? asan.module_dtor+0x20/0x20
[  481.119807][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  481.125854][    C1]  schedule+0xbd/0x170
[  481.129947][    C1]  schedule_timeout+0xc1/0x2d0
[  481.134768][    C1]  ? console_conditional_schedule+0x40/0x40
[  481.140688][    C1]  ? __lock_acquire+0x7d40/0x7d40
[  481.145780][    C1]  ? do_raw_spin_unlock+0x121/0x230
[  481.151008][    C1]  unix_wait_for_peer+0x1f6/0x2f0
[  481.156092][    C1]  ? unix_find_other+0x8d0/0x8d0
[  481.161050][    C1]  ? do_raw_spin_lock+0x11f/0x2c0
[  481.166129][    C1]  ? wake_bit_function+0x200/0x200
[  481.171261][    C1]  ? __rwlock_init+0x150/0x150
[  481.176078][    C1]  ? unix_dgram_sendmsg+0xba8/0x16d0
[  481.181413][    C1]  ? bpf_lsm_unix_may_send+0x9/0x10
[  481.186711][    C1]  unix_dgram_sendmsg+0xec2/0x16d0
[  481.191892][    C1]  ? unix_dgram_poll+0x680/0x680
[  481.196900][    C1]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  481.203367][    C1]  ? aa_sock_msg_perm+0x94/0x150
[  481.208336][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  481.213689][    C1]  ? security_socket_sendmsg+0x80/0xa0
[  481.219170][    C1]  ? unix_dgram_poll+0x680/0x680
[  481.224169][    C1]  ____sys_sendmsg+0x5ba/0x960
[  481.228967][    C1]  ? __asan_memset+0x22/0x40
[  481.233611][    C1]  ? __sys_sendmsg_sock+0x30/0x30
[  481.238663][    C1]  ? __import_iovec+0x3fa/0x850
[  481.243601][    C1]  ? import_iovec+0x73/0xa0
[  481.248161][    C1]  ___sys_sendmsg+0x2a6/0x360
[  481.252880][    C1]  ? __sys_sendmsg+0x2a0/0x2a0
[  481.257766][    C1]  ? __might_fault+0xc6/0x120
[  481.262466][    C1]  ? __might_fault+0xaa/0x120
[  481.267207][    C1]  __sys_sendmmsg+0x2ca/0x510
[  481.271908][    C1]  ? __ia32_sys_sendmsg+0x90/0x90
[  481.277003][    C1]  ? __ia32_sys_get_robust_list+0x110/0x110
[  481.282943][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  481.288978][    C1]  ? lock_chain_count+0x20/0x20
[  481.293889][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[  481.298765][    C1]  do_syscall_64+0x55/0xa0
[  481.303210][    C1]  ? clear_bhb_loop+0x40/0x90
[  481.307936][    C1]  ? clear_bhb_loop+0x40/0x90
[  481.312640][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  481.318583][    C1] RIP: 0033:0x7f476819af79
[  481.323023][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  481.342709][    C1] RSP: 002b:00007f476901a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  481.351203][    C1] RAX: ffffffffffffffda RBX: 00007f4768415fa0 RCX: 00007f476819af79
[  481.359239][    C1] RDX: 0000000000000318 RSI: 00002000000bd000 RDI: 0000000000000004
[  481.367264][    C1] RBP: 00007f47682316e0 R08: 0000000000000000 R09: 0000000000000000
[  481.375291][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  481.383338][    C1] R13: 00007f4768416038 R14: 00007f4768415fa0 R15: 00007ffcdbeeca08
[  481.391368][    C1]  </TASK>
[  481.394454][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  481.401745][    C1] CPU: 1 PID: 9808 Comm: syz.0.967 Not tainted syzkaller #0
[  481.409026][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  481.419073][    C1] Call Trace:
[  481.422345][    C1]  <IRQ>
[  481.425186][    C1]  dump_stack_lvl+0x18c/0x250
[  481.429870][    C1]  ? show_regs_print_info+0x20/0x20
[  481.435096][    C1]  ? load_image+0x400/0x400
[  481.439616][    C1]  panic+0x2dc/0x730
[  481.443511][    C1]  ? bpf_jit_dump+0xd0/0xd0
[  481.448023][    C1]  __warn+0x2e0/0x470
[  481.451996][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  481.457722][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  481.463438][    C1]  report_bug+0x2be/0x4f0
[  481.467768][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  481.473485][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  481.479201][    C1]  ? __ieee80211_beacon_get+0x1235/0x1600
[  481.484914][    C1]  handle_bug+0xcf/0x120
[  481.489158][    C1]  exc_invalid_op+0x1a/0x50
[  481.493676][    C1]  asm_exc_invalid_op+0x1a/0x20
[  481.498532][    C1] RIP: 0010:__ieee80211_beacon_get+0x1233/0x1600
[  481.504865][    C1] Code: 24 4c 89 e7 e8 de 52 c2 f7 45 31 f6 4c 8b bc 24 a0 00 00 00 e9 7a fe ff ff e8 39 99 84 f7 0f 0b e9 f6 f7 ff ff e8 2d 99 84 f7 <0f> 0b e9 48 fb ff ff e8 21 99 84 f7 48 c7 c7 e0 50 64 8e 4c 89 e6
[  481.524475][    C1] RSP: 0018:ffffc900001f0a18 EFLAGS: 00010246
[  481.530537][    C1] RAX: ffffffff8a027b83 RBX: ffffffff8a026986 RCX: ffff88802dc2da00
[  481.538501][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  481.546461][    C1] RBP: 0000000000000000 R08: ffff88802dc2da00 R09: 0000000000000003
[  481.554424][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff88804409e3c0
[  481.562385][    C1] R13: dffffc0000000000 R14: ffff88804409e8b0 R15: ffff88805cb73824
[  481.570355][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  481.575905][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  481.581627][    C1]  ? __ieee80211_beacon_get+0x1233/0x1600
[  481.587351][    C1]  ? __ieee80211_beacon_get+0x36/0x1600
[  481.592900][    C1]  ieee80211_beacon_get_tim+0xbf/0x580
[  481.598357][    C1]  ? ieee80211_beacon_get_template_ema_list+0x90/0x90
[  481.605126][    C1]  mac80211_hwsim_beacon_tx+0x3c7/0x780
[  481.610674][    C1]  __iterate_interfaces+0x243/0x500
[  481.615869][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  481.622104][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  481.629309][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  481.635542][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  481.642566][    C1]  mac80211_hwsim_beacon+0xbb/0x1b0
[  481.647762][    C1]  __hrtimer_run_queues+0x52a/0xc40
[  481.652962][    C1]  ? hw_scan_work+0xf60/0xf60
[  481.657642][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[  481.662745][    C1]  ? ktime_get_update_offsets_now+0x3d2/0x3f0
[  481.668815][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  481.673927][    C1]  handle_softirqs+0x280/0x820
[  481.678690][    C1]  ? __irq_exit_rcu+0xd3/0x190
[  481.683453][    C1]  ? do_softirq+0x1a0/0x1a0
[  481.687952][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  481.693152][    C1]  __irq_exit_rcu+0xd3/0x190
[  481.697741][    C1]  ? irq_exit_rcu+0x20/0x20
[  481.702245][    C1]  irq_exit_rcu+0x9/0x20
[  481.706479][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  481.712108][    C1]  </IRQ>
[  481.715046][    C1]  <TASK>
[  481.717979][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  481.723959][    C1] RIP: 0010:finish_task_switch+0x26a/0x8f0
[  481.729762][    C1] Code: 0f 84 33 01 00 00 48 85 db 0f 85 52 01 00 00 e9 de 04 00 00 4c 8b 75 d0 4c 89 e7 e8 f0 93 30 09 e8 7b 23 30 00 fb 4c 8b 65 c0 <49> 8d bc 24 f8 15 00 00 48 89 f8 48 c1 e8 03 42 0f b6 04 28 84 c0
[  481.749364][    C1] RSP: 0018:ffffc90005337298 EFLAGS: 00000282
[  481.755428][    C1] RAX: 561207434b40ad00 RBX: 0000000000000000 RCX: 561207434b40ad00
[  481.763393][    C1] RDX: dffffc0000000000 RSI: ffffffff8acac900 RDI: ffffffff8b1c81e0
[  481.771370][    C1] RBP: ffffc900053372f0 R08: ffffffff8e8add2f R09: 1ffffffff1d15ba5
[  481.779336][    C1] R10: dffffc0000000000 R11: fffffbfff1d15ba6 R12: ffff88802dc2da00
[  481.787300][    C1] R13: dffffc0000000000 R14: ffff88801b673c00 R15: ffff8880b8f3cac8
[  481.795279][    C1]  ? finish_task_switch+0x265/0x8f0
[  481.800478][    C1]  __schedule+0x155b/0x45a0
[  481.805000][    C1]  ? asan.module_dtor+0x20/0x20
[  481.809853][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  481.815839][    C1]  schedule+0xbd/0x170
[  481.819905][    C1]  schedule_timeout+0xc1/0x2d0
[  481.824661][    C1]  ? console_conditional_schedule+0x40/0x40
[  481.830546][    C1]  ? __lock_acquire+0x7d40/0x7d40
[  481.835573][    C1]  ? do_raw_spin_unlock+0x121/0x230
[  481.840773][    C1]  unix_wait_for_peer+0x1f6/0x2f0
[  481.845799][    C1]  ? unix_find_other+0x8d0/0x8d0
[  481.850732][    C1]  ? do_raw_spin_lock+0x11f/0x2c0
[  481.855756][    C1]  ? wake_bit_function+0x200/0x200
[  481.861467][    C1]  ? __rwlock_init+0x150/0x150
[  481.866227][    C1]  ? unix_dgram_sendmsg+0xba8/0x16d0
[  481.871513][    C1]  ? bpf_lsm_unix_may_send+0x9/0x10
[  481.876713][    C1]  unix_dgram_sendmsg+0xec2/0x16d0
[  481.881844][    C1]  ? unix_dgram_poll+0x680/0x680
[  481.886779][    C1]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  481.893193][    C1]  ? aa_sock_msg_perm+0x94/0x150
[  481.898128][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  481.903411][    C1]  ? security_socket_sendmsg+0x80/0xa0
[  481.908865][    C1]  ? unix_dgram_poll+0x680/0x680
[  481.913809][    C1]  ____sys_sendmsg+0x5ba/0x960
[  481.918579][    C1]  ? __asan_memset+0x22/0x40
[  481.923176][    C1]  ? __sys_sendmsg_sock+0x30/0x30
[  481.928199][    C1]  ? __import_iovec+0x3fa/0x850
[  481.933058][    C1]  ? import_iovec+0x73/0xa0
[  481.937566][    C1]  ___sys_sendmsg+0x2a6/0x360
[  481.942243][    C1]  ? __sys_sendmsg+0x2a0/0x2a0
[  481.947042][    C1]  ? __might_fault+0xc6/0x120
[  481.951712][    C1]  ? __might_fault+0xaa/0x120
[  481.956385][    C1]  __sys_sendmmsg+0x2ca/0x510
[  481.961059][    C1]  ? __ia32_sys_sendmsg+0x90/0x90
[  481.966083][    C1]  ? __ia32_sys_get_robust_list+0x110/0x110
[  481.971981][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  481.977958][    C1]  ? lock_chain_count+0x20/0x20
[  481.982810][    C1]  __x64_sys_sendmmsg+0xa0/0xb0
[  481.987656][    C1]  do_syscall_64+0x55/0xa0
[  481.992075][    C1]  ? clear_bhb_loop+0x40/0x90
[  481.996746][    C1]  ? clear_bhb_loop+0x40/0x90
[  482.001417][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  482.007304][    C1] RIP: 0033:0x7f476819af79
[  482.011734][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  482.031366][    C1] RSP: 002b:00007f476901a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  482.039790][    C1] RAX: ffffffffffffffda RBX: 00007f4768415fa0 RCX: 00007f476819af79
[  482.047758][    C1] RDX: 0000000000000318 RSI: 00002000000bd000 RDI: 0000000000000004
[  482.055721][    C1] RBP: 00007f47682316e0 R08: 0000000000000000 R09: 0000000000000000
[  482.063688][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  482.071648][    C1] R13: 00007f4768416038 R14: 00007f4768415fa0 R15: 00007ffcdbeeca08
[  482.079655][    C1]  </TASK>
[  482.083000][    C1] Kernel Offset: disabled
[  482.087361][    C1] Rebooting in 86400 seconds..