last executing test programs:

6m6.143923374s ago: executing program 4 (id=69):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, 0x0, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x800, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r3 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
timer_settime(0x0, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@ipv4_delroute={0x4c, 0x19, 0x901, 0x70bd29, 0x80, {0x2, 0x18, 0x10, 0x0, 0x0, 0x0, 0xfd, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_GATEWAY={0x8, 0x5, @private=0xa010102}, @RTA_ENCAP={0x18, 0x16, 0x0, 0x1, @LWTUNNEL_IP6_SRC={0x14, 0x3, @private0}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x0)

6m4.119701741s ago: executing program 4 (id=75):
clock_getres(0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
shutdown(0xffffffffffffffff, 0x0)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000380)=0x38800000, 0x4)
sendmmsg(r1, &(0x7f0000001c00), 0x40000000000017a, 0x40840)

6m2.522525997s ago: executing program 4 (id=82):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r0, 0x29, 0x3c, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000040), 0x2, 0x2)
r1 = syz_usb_connect$lan78xx(0x0, 0x3f, &(0x7f0000000dc0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io$lan78xx(r1, 0x0, &(0x7f0000001140)={0x34, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$loop(&(0x7f0000000100), 0xdf6, 0x0)
r2 = syz_io_uring_setup(0x5ba, &(0x7f0000000640)={0x0, 0x1079af, 0x3180, 0x8000, 0x40024b}, &(0x7f0000000280)=<r3=>0x0, &(0x7f0000000400)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffa, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x48, 0x4007, @fd_index=0x3, 0x6, 0x0, 0x0, 0x2, 0x1})
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x0)
syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100000cb768405e0483020b9901e4020109021b000100000000090400fb015c291d00090509"], 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r5, 0xc0505405, &(0x7f0000000200)={{0x3, 0x2, 0x1, 0x1, 0x10000}, 0x1, 0xf, 0x3})

5m58.949280845s ago: executing program 4 (id=92):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setresuid(0xee01, 0x0, 0x0)
sendmmsg$unix(r0, &(0x7f0000007cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001780)=[@cred={{0x1c}}], 0x20}}], 0x1, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x845, &(0x7f00000005c0)={[{@shortname_winnt}, {@shortname_winnt}, {@shortname_lower}, {@shortname_winnt}, {@shortname_winnt}, {@fat=@discard}, {@fat=@check_strict}, {@shortname_mixed}, {@shortname_winnt}, {@rodir}, {@shortname_win95}, {@fat=@sys_immutable}, {@utf8}]}, 0x0, 0x274, &(0x7f0000000780)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2100)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000380)={0x300, 0x0, 0x103ff})
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18020000fcffffff000000000000210085000000360000009500070000000000b83f3584230b8f5ec8921327291cf4880dd3a91af830f8a476ba1b51d4eb67103b000000000000000000000000000000640f9922d207e93470686f20ad"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f000062b000)=""/4096, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x70)

5m56.73639004s ago: executing program 4 (id=100):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x5, 0x4, 0x4, 0x4}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x2, 0x17, &(0x7f0000000880)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x76}}, {{0x6, 0x0, 0x2, 0x9, 0x0, 0x6, 0xe7030000}, {0x4, 0x0, 0x0, 0x6}}, [@printk={@llu, {0x5, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x14}}], {{0x4, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x2, 0x1}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5m56.190909954s ago: executing program 4 (id=106):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000680)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4800000010000104000000000007000000000000", @ANYRES32=r2, @ANYBLOB="3f00000006020400280012800b0001006272696467650000180002800c002e00030000000300000005000700080000008e9363c4c553ed46"], 0x48}, 0x1, 0x0, 0x0, 0x44000}, 0x0)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x200000000000011, 0x2, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x4, 0x0, 0x5374}, 0x1d, [0x730, 0x78, 0x1, 0x2, 0x80, 0x1002, 0x203, 0x7e, 0x4, 0x4b, 0x39cc1919, 0x40, 0x9, 0x5, 0xffff2d37, 0x881, 0x6, 0x3, 0x0, 0x5, 0x4, 0x3, 0x5, 0x3c5d, 0x1, 0x0, 0x9, 0x2, 0x15bb, 0x2, 0xe65f, 0x3, 0x7, 0x3, 0x7fff, 0x7, 0x80000000, 0xa72, 0x3, 0x7, 0x0, 0x71, 0xe, 0x5, 0x1, 0x5, 0x9, 0x3a, 0xffffff7f, 0x6, 0x6, 0xfffbffff, 0x5, 0x4, 0x8, 0x0, 0x80, 0x2, 0x4, 0x9, 0x8, 0x7, 0x1f, 0x40], [0x10000007, 0x3, 0x800, 0x8000, 0x10, 0xffeffff1, 0x8, 0x200c7, 0xf9, 0x10, 0x2bf, 0x0, 0xfff, 0xb7b3, 0x5, 0x0, 0x5, 0x1, 0x6, 0xe, 0x4312, 0x7c, 0xea4, 0xf61, 0x4, 0x22, 0x8000, 0x40009, 0xbb6, 0x401, 0x6, 0x1, 0xff, 0x5, 0x10000005, 0x5f31, 0x7f9, 0x9, 0x2, 0x2, 0x9, 0x5, 0x9, 0x8, 0x800000d, 0x88da, 0x2007, 0xd, 0x1, 0xfe000000, 0x410002, 0x2, 0x7b, 0x9, 0x3, 0x3, 0x8, 0x1, 0x7, 0x3, 0x9, 0x48c93690, 0x1000042, 0xffff], [0x7, 0xf5fd, 0x0, 0x5, 0x1, 0x100, 0xa, 0x800009, 0x800003, 0x7fff, 0x0, 0x5, 0xf, 0x4, 0x5, 0x20000005, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x0, 0x3e7, 0xa, 0x5, 0x200, 0x5, 0x3, 0x8, 0x8, 0x6cfc, 0x5, 0x39, 0x8007, 0x200, 0x80, 0x3, 0x4e0a, 0x7, 0x1000, 0xa2, 0x7, 0x5, 0x3, 0x6, 0xac8, 0xffffffff, 0x2, 0x11, 0x7ff, 0xfffffff9, 0x0, 0x10000, 0xffff, 0x2b98, 0x1, 0x4, 0x120000, 0xba, 0x0, 0xa2ed, 0x2, 0x25], [0x9, 0xbb31, 0x80000007, 0x8, 0x5, 0x3, 0xa, 0x80000006, 0x0, 0x5, 0x7d, 0xc9, 0x6, 0x6, 0x8, 0x57b, 0x7, 0x7fffffff, 0x6, 0x7ffd, 0xfffd, 0x4, 0x20002, 0x5, 0xe8a0556, 0x2, 0x14c, 0x1, 0x6, 0x6, 0x83, 0x80000000, 0x5, 0x8, 0xce, 0xee1, 0xfffff000, 0x179, 0x3, 0x7e, 0x100, 0x9600, 0x56e, 0x2, 0x1007, 0x40000006, 0x5, 0x0, 0x8, 0x4, 0x30b1d693, 0xa1f, 0xc, 0x800007, 0xfffffffe, 0x3, 0x0, 0xffff, 0x8000007, 0x2bf, 0x3, 0x204, 0x7fffffff, 0x8]}, 0x45c)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r5, @ANYBLOB="0000000003120100500012800b000100627269646765000040000280080005000100000006002700000000000800010015000800050025000000000008000400000000000c002e"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)

5m55.060930064s ago: executing program 32 (id=106):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000680)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4800000010000104000000000007000000000000", @ANYRES32=r2, @ANYBLOB="3f00000006020400280012800b0001006272696467650000180002800c002e00030000000300000005000700080000008e9363c4c553ed46"], 0x48}, 0x1, 0x0, 0x0, 0x44000}, 0x0)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x200000000000011, 0x2, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00', {0x4, 0x0, 0x5374}, 0x1d, [0x730, 0x78, 0x1, 0x2, 0x80, 0x1002, 0x203, 0x7e, 0x4, 0x4b, 0x39cc1919, 0x40, 0x9, 0x5, 0xffff2d37, 0x881, 0x6, 0x3, 0x0, 0x5, 0x4, 0x3, 0x5, 0x3c5d, 0x1, 0x0, 0x9, 0x2, 0x15bb, 0x2, 0xe65f, 0x3, 0x7, 0x3, 0x7fff, 0x7, 0x80000000, 0xa72, 0x3, 0x7, 0x0, 0x71, 0xe, 0x5, 0x1, 0x5, 0x9, 0x3a, 0xffffff7f, 0x6, 0x6, 0xfffbffff, 0x5, 0x4, 0x8, 0x0, 0x80, 0x2, 0x4, 0x9, 0x8, 0x7, 0x1f, 0x40], [0x10000007, 0x3, 0x800, 0x8000, 0x10, 0xffeffff1, 0x8, 0x200c7, 0xf9, 0x10, 0x2bf, 0x0, 0xfff, 0xb7b3, 0x5, 0x0, 0x5, 0x1, 0x6, 0xe, 0x4312, 0x7c, 0xea4, 0xf61, 0x4, 0x22, 0x8000, 0x40009, 0xbb6, 0x401, 0x6, 0x1, 0xff, 0x5, 0x10000005, 0x5f31, 0x7f9, 0x9, 0x2, 0x2, 0x9, 0x5, 0x9, 0x8, 0x800000d, 0x88da, 0x2007, 0xd, 0x1, 0xfe000000, 0x410002, 0x2, 0x7b, 0x9, 0x3, 0x3, 0x8, 0x1, 0x7, 0x3, 0x9, 0x48c93690, 0x1000042, 0xffff], [0x7, 0xf5fd, 0x0, 0x5, 0x1, 0x100, 0xa, 0x800009, 0x800003, 0x7fff, 0x0, 0x5, 0xf, 0x4, 0x5, 0x20000005, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x0, 0x3e7, 0xa, 0x5, 0x200, 0x5, 0x3, 0x8, 0x8, 0x6cfc, 0x5, 0x39, 0x8007, 0x200, 0x80, 0x3, 0x4e0a, 0x7, 0x1000, 0xa2, 0x7, 0x5, 0x3, 0x6, 0xac8, 0xffffffff, 0x2, 0x11, 0x7ff, 0xfffffff9, 0x0, 0x10000, 0xffff, 0x2b98, 0x1, 0x4, 0x120000, 0xba, 0x0, 0xa2ed, 0x2, 0x25], [0x9, 0xbb31, 0x80000007, 0x8, 0x5, 0x3, 0xa, 0x80000006, 0x0, 0x5, 0x7d, 0xc9, 0x6, 0x6, 0x8, 0x57b, 0x7, 0x7fffffff, 0x6, 0x7ffd, 0xfffd, 0x4, 0x20002, 0x5, 0xe8a0556, 0x2, 0x14c, 0x1, 0x6, 0x6, 0x83, 0x80000000, 0x5, 0x8, 0xce, 0xee1, 0xfffff000, 0x179, 0x3, 0x7e, 0x100, 0x9600, 0x56e, 0x2, 0x1007, 0x40000006, 0x5, 0x0, 0x8, 0x4, 0x30b1d693, 0xa1f, 0xc, 0x800007, 0xfffffffe, 0x3, 0x0, 0xffff, 0x8000007, 0x2bf, 0x3, 0x204, 0x7fffffff, 0x8]}, 0x45c)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r5, @ANYBLOB="0000000003120100500012800b000100627269646765000040000280080005000100000006002700000000000800010015000800050025000000000008000400000000000c002e"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)

4m58.525417614s ago: executing program 3 (id=285):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c81, 0xffffffffffffffb6)
sendto$inet(0xffffffffffffffff, &(0x7f0000000140)='^', 0x1, 0x11, &(0x7f0000004ff0)={0x2, 0x4e23, @rand_addr=0xfffffffffffffffe}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYBLOB, @ANYBLOB, @ANYRES64=0x0], 0x20)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000fff5dd00000010000100040808004149004001040800", 0x58}], 0x1)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x80, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, 0x0, &(0x7f0000000180))

4m58.449961852s ago: executing program 3 (id=288):
syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040004}, 0x20040890)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
close(r0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r1)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000300)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a40)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="3b9600000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="4a003300400000000802110000010802110000010802110000000000000601010101010101002d1b00801b06000000000000000d00c0001c0000000004ce950000e972"], 0x68}}, 0x14)
ioctl$SIOCSIFHWADDR(r0, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="02000000000a"})

4m56.353251456s ago: executing program 3 (id=293):
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
mount$9p_fd(0x0, 0x0, 0x0, 0x10001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$tmpfs(0x0, 0x0, &(0x7f0000000180), 0x400, &(0x7f0000001f80)=ANY=[])
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008080}, 0x0)
r1 = mq_open(&(0x7f0000000080)='eth0\x00#~\x02\x00\x00\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfd\x05\x00\x00\x00\x00\x00\x80\x00\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94uu_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18A\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x05\x00\x00\x000\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xce\x00\x00\x00\xe8\vq+\xbb\xc7\xaf\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
socket$inet_sctp(0x2, 0x1, 0x84)
mq_timedsend(r1, &(0x7f0000000600)="6d12483bb95dab4da2bccb9a5c51f7769b4aa2ed6f00bcfff2058843f7de72fa8f9dd7572991db9f2968c67d150dbd80321f91c14a7705c3d6e2292f74d074e24cdfdc28da61b60db4ac67a81c04430dd72555dcebe8193594b8fe29718d5781fe3f418379dab48089b86edc4facdbc388e30fdfabe867722b348dcfbff8f7745bb98584b3384eb1b1c541d05427c4e5c33b3692ebf599d4a179bcd27271d55e4a38ac7be3cae3e85eddbdcf574ac462df22b6b2242245f32d5826de908a96ea66331cad4d0ff094f552e118ee643f2f12f854c32d4e548bd82a69c4102bc516a41a52436f6dfd80133de801fdc8e75276c631f041d86269f2ba0791e8119868816c1fe9c78654919d6dcce67a5f32b77575867f43f76e99108bf9ee3fd550cc18f8bee8505da7ea8fe0a3a9e40c01be1d39435821c5f52cf39a7d5558f278b01be298e5460d3ebf011345ed0030603f767fe44876fdf1cb172a4cbfb2f7784ac61c4786a147b6d446eaf46d5b26c6b85580ba4913fc12a443d8dcf05d08513ae01a7f489826fdc8bff83c1708ebbc060aa72d25e6ce21521799bd37c34fdad973fd7e17070b7783bf341fc079c6b0c9811388430c84540d8d544d1887b73e3a9d2625358be4b09128ee7f8d2dacf2d9704b9143c0341568d1e39429e1d442d21878c87271e66651e12d077b8dd49c0bf285097e261a5116b91036368265c1c5b74353bb42ff4936e27a20c48dea290685b09c2e5baa29dbeb790969f793692fb112c973329236f30bd29c39ee6104e1e0ccd1f855e5837d156c83834661a2aa8929ad78c025413179d880ee905d0b1ee1c9c3eacb63ac807a6ce73d492502ce52beba9ea5214a9387e2c5a810a96e14956809b6865e46a9d9ce2deb4cce2155562dd7e3daef9b3c0c0a55f1fe1a89835971dbc9c09ee9d4abe827b0e87dcd08e5e7cf08869cdcd6fe7f42d93c075db2fec9d96aff21410c3cbd5d904ed147af08c297011ec105dec6fb319cc5637ac71dac05d01ef356dcc6b6bd3f8625204d92f6d0447c0ee5c72d13b4e951a5ba060d4e0ab4680bba08ca9e0079ed6332e6449e01ec480903b0f377e08e8146c8a1e86df678dd88f3768e0958b04f24d58f39a15ee93e4b3e1e2dcd91f8cd36c37b2806d5f7c1871d0e1d7496ac64b377a8fb32104166536597bbfd6d814b2eb41970ba1aef50238e34ec8069690029c58c8a01b28b711ff44aed4652629c7cdc7843d83efe9514bb5b1f80d1047e6075870c53505a142e48d6897d7811f84d8c3e8f9985f9a9d01c8fd68960aee376caa465f25622d7ff5deae8f0d628e048bc4387ca3046067768f3014a3ef4d1b55123ce45507ab1b6f587f6302bb9b715899d2fc20cabfd306549b6a2ec8ea5169e5be19cf59ef71cbb16d402cdc62a422b2bf5c01bb6139e60fd61ea4b77382c7e2e038c6511bfe08f7a3cea5e793f9e2cb4facce20e719d179104418f6745bf8065c70da3815c8e1a1b650d96865c41fd45dbcae51e1d54b41002c2f673cd1008dbf3f17847dd28d8fe3c24ef238000be692e05b0365cb7691fa8f134efe70df46b5cc4765def995971ae0c45f653292f4a3c26300e359afbe0c4", 0x479, 0x6, 0x0)
mq_timedreceive(r1, &(0x7f000001a600)=""/102385, 0x18ff1, 0x0, 0x0)

4m55.992951011s ago: executing program 3 (id=296):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(0xffffffffffffffff, &(0x7f0000000500)={0xa, 0x4e20, 0xffffffff, @empty, 0x4}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x4e1d, 0x9, @local, 0x2}, 0x1c)
socket$inet_udp(0x2, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x40, &(0x7f0000000080)={[{@errors_remount}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0x0, 0x4f7, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOJNmqZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBre9LAekBVagDRIHo/GPbHZjJ2HXsVX785FGM2/eeL7vrTXveb9J/AIYW1cj4iAirkTEexEx1z6ftLd4q7Vl1z24f3v16P7t1SQajXf/kTTrs3Nx4jWZZ9v3nI6I738n4kfJ6bi1vf3NlXK5tNMuF+qV7UJtb//GRmVlvbRe2ioWlxaXFt64+Xqxb319ufKbe9/eePsHH//uS3f/dPDNn2TNmm3XnexHP7W6njuOk5mMiLcvI9gQTLT7c2XYDeGJpBHxmYh4pfn8z8VE8928mC6PNQDwKdBozEVj7mQZABh1aTMHlqT5di5gNtI0n2/l8F6MmbRcrdWv36rubq21cmXzkUtvbZRLC+1c4Xzkkqy8+GF2/LBcjEfLNyPihYj46dQzzXJ+9eJ5BgCgv559bP7/91Rr/gcARtz0eRcsD6YdAMDgnDv/AwAjx/wPAOPH/A8A48f8DwDjx/wPAOPmTmf+nxh2SwCAgfjeO+9kW+Oo/f3Xa+/v7W5W37+xVqpt5iu7q/nV6s52fr1aXS+X8qvVynn3K1er24uvxe4HhXqpVi/U9vaXK9Xdrfpy83u9l0u5gfQKADjLCy9/8pckIg7efKa5xYm1HMzVMNrSYTcAGBo5fxhfvoUbxpf/4wPnreXZ81eEP3qCYI0Pn+BFQL9d+7z8P4wr+X8YX/L/ML7k/2F8NRpJrzX/0+NLAICRIscPDPTn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiZpvb/IlymubzEc9FxHzkklsb5dJCRDwfEX+eyk1l5cWhthgAeHrp35L2+l/X5l6dfbz2SvKfqeY+In7883d/9sFKvb6zmJ3/5/H5+kft88VhtB8AOE9nnu7M4x0P7t9e7WyDbM+9b7UWF83iHrW3Vs1kTGa7P05HLiJm/pW0ym3Z55WJPsQ/OIyIz3Xrf9LMjcy3Vz59PH4W+7mBxk8fiZ8261r77N/is6fuPNUz5nlrvcK4+CQbf97q9vylcbW5n+66+PF0c4R6ep3x7+jU+Nd53qebY0238e/qRWO89vvv9qw7jPjCZLf4yXH8pEf8Vy8Y/84Xv/xKr7rGLyOuRff4J2MV6pXtQm1v/8ZGZWW9tF7aKhaXFpcW3rj5erHQzFEXOpnq0/7+5vXne/b/1xEzPeJPn9P/r53Z68bxAPyr/773w6/0in8Y8Y2vdn//XzwjfjYnfv3M+A+tzPy25/LdWfy1Vv8P/9/3//oF49/96/7aBS8FAAagtre/uVIul3b6epCLPt/wxEFySW12MOIH2efxp73PS+2UWddr/vCLj1/KKofe074cDHlgAi7dw4d+2C0BAAAAAAAAAAAAAAB6ufQ/J0qH3UMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG2f8CAAD//zwQyy8=")
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc13, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r1, &(0x7f0000006b40)={0x2020}, 0x2020)

4m53.299072474s ago: executing program 3 (id=301):
r0 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r0, &(0x7f0000000000)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r0, 0x0)
listen(r0, 0x0)
syz_open_dev$I2C(&(0x7f00000000c0), 0x0, 0x1a1100)
r1 = syz_open_dev$I2C(&(0x7f0000000140), 0xd0, 0x2e4c0)
ioctl$I2C_TENBIT(r1, 0x704, 0x8000000)
syz_mount_image$udf(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="6e6f6164696e6963622c6e6f7374726963742c6d6f64653d30303030303030303030303030303030303030303030342c7569643d666f726765742c6e6f6164696e6963622c756d61736b3d30303030303030303030303030303034303030323030302c6c617374626c6f636b3d30303030303030303030303030303030303031332c756e64656c6574652c706172746974696f6e3d30303030303030303030303030303030303030352c002c8766d2fada4c3ad2ac082bc7173399e7495495fed7acdd89796464b5f2623c15ac928b3ca465f527e47157"], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)

4m48.855068417s ago: executing program 3 (id=314):
r0 = syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0xb8f1, 0x1, 0xffffffee, 0x1c3}, &(0x7f0000000040), &(0x7f0000000000))
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x7, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x21340, 0x1ff)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000380)=r2}, 0x20)
recvmsg$unix(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000009c0)=""/181, 0xb5}], 0x1, 0x0, 0x0, 0x1000000}, 0x0)
shutdown(r1, 0x0)

4m47.831491346s ago: executing program 33 (id=314):
r0 = syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0xb8f1, 0x1, 0xffffffee, 0x1c3}, &(0x7f0000000040), &(0x7f0000000000))
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x7, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x21340, 0x1ff)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000380)=r2}, 0x20)
recvmsg$unix(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000009c0)=""/181, 0xb5}], 0x1, 0x0, 0x0, 0x1000000}, 0x0)
shutdown(r1, 0x0)

19.905418991s ago: executing program 1 (id=1100):
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x800000000000001, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x4004743d, 0x110e22fff6)
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000240))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)

16.927006791s ago: executing program 6 (id=1099):
socket$qrtr(0x2a, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r3 = socket$xdp(0x2c, 0x3, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r3, 0x11b, 0x1, 0x0, 0xfffffffffffffffc)

15.91050648s ago: executing program 6 (id=1102):
socket$inet_udp(0x2, 0x2, 0x0)
openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000440)={'ip_vti0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x7c7, 0x3, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x86, 0x4, 0x0, @loopback, @local}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f3, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000040)={'tunl0\x00', 0x0, 0x20, 0x7, 0x7fffffd, 0x6, {{0x5, 0x4, 0x0, 0x16, 0xfffffffffffffe8b, 0xfffc, 0x0, 0x7f, 0x4, 0x0, @empty, @empty}}}})
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_CALL(r1, 0x4001af84, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
ioctl$HIDIOCGRAWPHYS(r3, 0x4004480d, 0x0)

14.226597184s ago: executing program 0 (id=1105):
syz_open_dev$video(&(0x7f0000000040), 0x20000008, 0x2404)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$tipc(0x1e, 0x5, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, 0x0, 0x0)
ioctl$SIOCGSKNS(r1, 0x894c, 0x0)
socket(0x1d, 0x2, 0x6)
ioctl$BLKFINISHZONE(0xffffffffffffffff, 0x40101288, &(0x7f0000000080)={0x6, 0x9})

12.664957876s ago: executing program 0 (id=1109):
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./bus\x00', 0xa00000, &(0x7f0000000680)={[{@rootdir={'rootdir', 0x3d, 0x3}}, {@anchor={'anchor', 0x3d, 0x6}}, {@undelete}, {@uid}, {@iocharset={'iocharset', 0x3d, 'koi8-u'}}, {@longad}, {@shortad}, {@uid_forget}, {@dmode={'dmode', 0x3d, 0x4}}]}, 0x1, 0xc49, &(0x7f0000001d40)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429d2deW/2vXnrGVnQmxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMTvvXLx1Om0zY5DD6ExAMADcXnsq6fObHf/BwAeW1d2+v9/AAAAAAAAAAAAAADgoEhRxJORYu7yWpqo3nfUL7X7bt0eHx7ZvtqRVNU8VJUvf+qnz5w996UXhs5381J75gPq77XPxGtjVy42Xp69OTc/tbAwNdkYn2lfm52cuucj7Lb+VoPVCWjcfP3W5PXrC40zz5/dtPv2wPv9TxwfuDD07MlnumXHh0dGxjaK1HvL1+67IR07zfA4HEWcjBTPfe+nqRURRez+XNQf7NhvdaTqxGDVifHhkaoj0+3WzGK5c7R7IoqIRk+lZvccbT8WUet7oH3YWTNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbffbi+KKIWKb5zbC1dzU/9qM7DF6uJwTu3o9jHPt6Dsp2Nvojl4hEYswOsP4p4NVL87J0TcS1fZ6przRciXi3zBxFvlflSRCq/GOci3tvme8SjqRZF/Hk5/hfW0mR1PeheVy59rfGVmeuzPWW715WPeH+460rxkO4PR7bkg3HAr031KKJVXfHX0v3/ZgcAAAAAAAAAAAAAAACAvXYkivh0pHjl3/6omlcc1bz0YxeGfn/gl3vnjD/9Iccpyz4fEUvFvc3JPZwnBo6m0ZQe8lzij7N6FPHHef7ftx52YwAAAAAAAAAAAAAAAAAAAD7WivhJpHjx3RNpOXrXFG/P3GhcaV2d7qwK2137t7tm+vr6+nojdbKZcyLnUs7lnCs5V3NGkevnbOacyLmUcznnSs7VnHEo18/ZzDmRcynncs6VnKs5o5br52zmnMi5lHM550rO1ZxxQNbuBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4nBRRxC8ixbe/sZYiRUQzYiI6udL/sFsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJT6UxHfjxSNP2je2VaLiFT923Gi/OVcNA+X+cloDpX5UjQv5mxVWWt+6yG0n93pS0X8OFL019++M+B5/Ps67+58DeKtb268+0ytk4e6Owfe73/i+LELQyOfe3qn12m7Bgxeas/cut0YHx4ZGevZXMuf/smebQP5c4u96ToRsfDGm6+3pqen5u//RfkV2EX1R+hFqn1ceupF9SJqB6IZD6fvm9Qf1gWKfVXe/9+LFL/97r93b/id+389fqnz7s4dPn7+Jxv3/xe3Huge7/+1rfXy/b+8p293/3+yZ9uL+XcjfbWI+uLNub7jEfWFN9482b7ZujF1Y2rm3KlTXx4a+vLZU32HI+rX29NTPa/25HQBAAAAAAAAAAAAAAAAPDipiN+NFK0fr6VGRNyu5msNXBh69uQzh+JQNd9q07zt18auXGy8PHtzbn5qYWFqsjE+0742Ozl1rx9Xr6Z7jQ+P7EtnPtSRfW7/kfrLs3NvzLdv/OHitvuP1i9eXVicb13bfncciSKi2btlsGrw+PBI1ejpdmumqjq67WT6j64vFfEfkeLauUb6fN6W5/9vneG/af7/0tYD7eH8/88d3Zj/94meouVnplTEzyPFb/3F0/H5qp1H465zlsv9TaQYPP/ZXC4Ol+W6beg8V6AzM7As+z+R4h9+sblsdz7kkxtlT3+kk/sIKMf/WKT4/p99N349b9v8/Iftx//o1gPt0/MfnurZdnTT8wp23XXy+J+MFC89+Xb8RrXl/z7w+R/dZ2+c6BTeeD7HPo3/r/ZsG8if+5t71XkAAAAAAAAAAIBHWF8q4m8jxQ9HaumFvO1e/v7f5NYD7dPf//pUz7bJvVmv6ENf7PqkAgAAAMAB0ZeK+EmkuLH49p051Jvnf/fM//ydjfmfw2nL3urP+X6lem7AXv75X6+B/LkTu+82AAAAAAAAAAAAAAAAAAAAHCgpFfFCXk99oprPP7njeuorkeKV/3oul0vHy3LddeAHql/rl2dnTl6cnp6tx2Lr6vRUY2yudW2qrPtUpFj768/mukW1vnp3vfnOGu8ba7HPR4qRv+uW7azF3l2b/KmNsqfLsp+IFP/595vL5qWp89rRVdkzZdm/ihRf/6ftyx7fKHu2LPvdSPGjrze6ZY+WZbvPR/3URtnnr80W+zAqAAAAAAAAAAAAAAAAAAAAfNz0pSL+NFL8983lO3P58/r/fT1vK299s2e9/y1uV+v8D1Tr/+/0+n7W/6+eK7C006cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDjKUURb0aKuctraaW/fN9Rv9SeuXV7fHhk+2pHUlXzUFW+/KmfPnP23JdeGDrfzQ+uv9c+Ha+NXbnYeHn25tz81MLC1GRjfKZ9bXZy6p6PsNv6Ww1WJ6Bx8/Vbk9evLzTOPH920+7bA+/3P3F84MLQsyef6ZYdHx4ZGespU+u770+/S9ph++Eo4i8jxXPf+2n6YX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJY7R7snooho9FRqds/RAxiLXWlGLJXNLxs8WHZvbK4137o6PdUYbc0vthfbszOjqdPasj+NKOJ8iliOiNX+uw/XF0W8Him+c2wt/XN/xKHuefji5bGvnjqzczuKfezjPSjb2eiLWC62jln9TpkDM2YHWH8U8Y+R4mfvnIh/6Y+oRecnvhDxapk/iHgrOuOdyi/GuYj3tvke8WiqRRH/W47/hbX0Tn95PeheVy59rfGVmeuzPWW715VH/v7wIB3w+0k9ivhRdcVfS//qv2sAAAAAAAAAAAAAAACAA6SIX4sUL757IlXzg+/MKW7P3GhcaV2d7kzr6879686ZXl9fX2+kTjZzTuRcyrmccyXnas4ocv2czTLr6+sT+f1SzuWcKzlXc8ahXD9nM+dEzqWcyzlXcq7mjFqun7OZcyLnUs7lnCs5V3PGAZm7BwAAAAAAAAAAAAAAAAAAPF6K6p8U3/7GWlrv76wvPRGdXLEe6GPv/wMAAP//UG/5JA==")
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB="380000001800dd8d00000000000000000200000000000006000000000600150004000000140016"], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmmsg(r3, &(0x7f0000000000), 0x4000000000001f2, 0x0)
getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x39, 0x0, &(0x7f00000000c0))

9.977263928s ago: executing program 6 (id=1112):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399eb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
shutdown(0xffffffffffffffff, 0x0)
r1 = socket(0x40000000015, 0x5, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r1, &(0x7f0000001740)=[{{0x0, 0x500, &(0x7f0000001400)=[{&(0x7f0000000400)=""/4096, 0x1000}], 0x1}}], 0x4000210, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, 0x0, 0x0, 0x8, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x36}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)

9.86165421s ago: executing program 0 (id=1113):
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=")
pipe(&(0x7f0000000140))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f600"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={0xffffffffffffffff, 0x0, 0x44, 0x0, &(0x7f0000000080)="f6f4e9a10000502468da5eb1c6b2feff8833c0000000000000c548dc7914cb11ad63bf3707164aac031971c4be105eb953f86fbc6b204e076aa7a493e796123bbbd8e3b7e62d8fd097cf21d6d431a069ebc0aefd5fce80cc99fb38c771fa46e2c32a95fe99", 0x0, 0x86, 0x0, 0xffffffffffffff80, 0x0, &(0x7f0000000000)="daf9e846ab156efc71b59652333536dbfd26a6d0546366e36eb77dd0aaa2dbe567d168904cf0d5bce1771889c98ffc0abf", 0x0}, 0x15)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETCHAIN(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000040a010304000000000000000000ad00"], 0x14}, 0x1, 0x0, 0x0, 0x8801}, 0x800)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
recvmsg(r2, &(0x7f0000002240)={0x0, 0x0, 0x0}, 0x0)

9.591097596s ago: executing program 0 (id=1116):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000a3b370086d04ae08581101020301090212000d000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000740)={0x34, &(0x7f00000005c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_disconnect(r0)

7.366691012s ago: executing program 1 (id=1122):
ioperm(0x0, 0xf, 0x94f)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, 0x0, 0x4180, 0x0)
statx(r1, 0x0, 0x4000, 0x400, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, 0x0)
pidfd_send_signal(0xffffffffffffffff, 0x3, 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0xa13ca8e5839881a8, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

7.196090979s ago: executing program 1 (id=1123):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000003c0)='./bus\x00', 0xe, &(0x7f0000000540)={[{@resuid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@stripe}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
mkdir(0x0, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000100)=@v1={0x0, @adiantum, 0x0, @desc1})
chdir(&(0x7f0000000300)='./bus\x00')
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r2, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd})
fcntl$lock(r2, 0x26, &(0x7f00000000c0)={0x1, 0x2, 0x9, 0x401})
chdir(&(0x7f00000003c0)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)

7.124037286s ago: executing program 6 (id=1125):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmget$private(0x0, 0x8000, 0x10, &(0x7f0000ff5000/0x8000)=nil)
r1 = fsopen(&(0x7f0000000040)='9p\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)

5.364611048s ago: executing program 2 (id=1128):
timer_create(0x0, 0x0, 0x0)
r0 = getpid()
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb101e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x200044, &(0x7f0000000480)=ANY=[@ANYBLOB='iocharset=cp865,utf8=1,utf8=0,utf8=1,iocharset=utf8,sys_immutable,uni_xlate=0,uni_xlate=1,uni_xlate=1,gid=', @ANYRESHEX, @ANYBLOB="41004e4e54ee88866d537e9598610c3aa4821db83ef3f0185262560fcfcb5520f3bc7693b7838e83754caebd1d44fc4c3fc3ffa77c3330591ca76f57218579978ea4cce177c3edaccc60468898bf4067e3b1daae4953b47375230a899ce1a97f1677fa98c1b3e0f89216712f1fd23774ac8977f45e42166faa213261ddb1bb730146a259651de8c6c3c90b9ba3bc80b8278e3f776fedbfdf775af45bd9d5e5325e5f16bc412c3b"], 0x1, 0x1b1, &(0x7f0000000280)="$eJzs2zFrE2EYB/DnahrTOiSDkzjc6BSafoIGqSAGBCWDgqDYBqQnBQsBHWw3B7+EH8bBVT+JYwfhpLk0aUKEGpocJL/fkodc/rnnfcMleQJ5ff/90cHxSe9V70fUkiQ29iKN8yQasRGXzgIAWCXneR6/8zzPb5/F1rfI87zsjgCARfP5DwDr5/mLl0/anc7+szStRWRf+t1+t7gtjrd78S6yOIydqMefuPiCMFTUjx539nfSgUZ8zU6H+dN+99ZkvhX1aMzOt4p8OpnfjO2r+d2ox93Z+d2Z+Wo8qI7ymxFRj19v4ziyOIiL7Dj/uZWmD592pvJ3Bo8DAACAVdBMRwbzezUm5/dmc/L4eD4u8u3k2r8PTM3XlbhXKXftALCuTj5+OnqTZYcf5ihqw+eYM3694ud2cZIFnuKGisstHd2zt4z9+d+ierXDqWJrwa1Wlr7kJCLK2vDvEVH6yz3XRT0oSngzApZqfPWX3QkAAAAAAAAAAAAAAPAvy/hfUdlrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD9/A0AAP//W1+CbQ==")
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000300)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r2 = syz_pidfd_open(r0, 0x0)
setns(r2, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)

5.363014488s ago: executing program 1 (id=1129):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000020c0)=@newqdisc={0x38, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x7}}]}, 0x38}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wg0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0xd, 0x8}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x16b08, 0xb49, 0x4, 0xf, 0x80, 0x1, 0x9, 0x6, 0xb46}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x51}, 0x8000)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@newqdisc={0x78, 0x24, 0x3fe3aa0262d8c583, 0x4, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x4}, {0xffff, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x3, 0x800, 0xc749, 0x0, 0xfffffffe, 0x6}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x5, 0xfffffffffffffffe, 0xfffffffd, 0xed2, 0xe, 0x4}}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x14}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@getqdisc={0x24, 0x26, 0x705, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x1, 0xfff1}, {0x10, 0x8}, {0x4, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x4c88b}, 0x0)

5.349040539s ago: executing program 5 (id=1130):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000002c0)=""/100, &(0x7f0000000500)=""/74, 0xeeef0000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f00000009c0)=""/251, 0x0, 0x4})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000100)=0x1)
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000200)=&(0x7f0000000180))
syz_clone(0x900a000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x204410, &(0x7f0000000740), 0xfe, 0x4a1, &(0x7f00000001c0)="$eJzs3M1vVFUbAPDn3mnLN+3Li6h8SBWNjR8tLags3Gh0p4mJLnBjUttCKgM1tCRCiFZjcGlI3BvdGKJ/gSvdGHVl4lb3hoQoMQFdmDF35t4yU2ZKW6YdcH6/5JZz5p7pOc+ce+499x6mAXStwexHErE1In6JiP5atrHAYO2f61fPT/x19fxEEpXKq78n1XLXrp6fKIoW79uSZ4bSiPTDJK+k0ezZcyfGy+Wp03l+ZO7k2yOzZ889OX1y/PjU8alTY0eOHD40+szTY0+1Jc4srmu7353Zm/S8fvHliaMX3/zhqzQidu2r7a+P47akWxaSg1ngf1SqFhd7pC2V3Tm21aWTng42hBUpRUTWXb3V8d8fpbjRef3x4gcdbRywprJr04bWu+crwH9YEp1uAdAZxYU+u/8ttnWaetwRrjxXuwHK4r6eb7U9PZHmZXrXsP77IuLo/N+fZlvk/fDP1jWsEADoet9k858nms3/0thVV257voYyEBH/i4gdEfH/iNgZEfdEVMvem89nVqK2NFRayN88/0wvrzq4Zcjmf8/ma1uN879i9hcDpTy3rRp/b3Jsujx1MP9MhqJ3Q5YfXaKOb1/4+eNW+wbr5n/ZltVfzAXzdlzuWfSAbnJ8brxdk9Ir70fs7mkWf7KwEpBExP0RsXtlv3p7kZh+7NLeVoVuHf8S2rDOVPks4tFa/8/HovgLydLrkyMbozx1cKQ4Km72408XXmle+8bbi78Nsv7f3Hj8LyrR/2dSv147u/I6Lvz6Uct7ytUe/33Ja9Ux2Ze/9s743Nzp0Yi+5KVqvuH1sRvvLfJF+Sz+oQPNx/+O/D1Z/HsiIjuI90XEAxGxP2/7gxHxUEQcWCL+759/+K0VxT+9vv0/2fT8t3D8DzT2/8oTpRPffd2q/jz+4mTbov8PV1ND+SvV898ttG5OlKciKpVVH80AAABw98luvLdGkg4vpNN0eLj2f/h3xua0PDM79/ixmTOnJmvfERiI3rR40tWfPw/N7rZHk/n8N9aej47lz4qL56WH8ufGn5Q2VfPDEzPlyQ7HDt1uS4vxn/mt1OnWAWvO97Wgey0e/2mH2gGsP9d/6F7GP3Qv4x+6V934//LMhT3VxHvVn/sXdjRdC1jiL4cAd4dF1/9Ln3eqIcC6M/+H7mX8Q/cy/qEr3c73+juT2JS3/FaF+zrf1NUlvuidLWXx1e1KeiI637DGRKRLlXkjmu8ajIg1aljcER9LuxPJMg715SaOHc+HznIKd/KsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0D7/BgAA//9ajd4t")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

5.33554083s ago: executing program 6 (id=1131):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
setsockopt$SO_J1939_FILTER(0xffffffffffffffff, 0x6b, 0x1, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
flistxattr(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010029bd7000fbdbdf25ff010000060000800000000000000001fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000fdffffffffffffff000000000000000000000000000000000500000000000000000000000020000000000000000000000000000000000000010002000000000044000500fe800000000000000000000000000044000004d42b0000000a000000e00000010000000000000000000000000000000004"], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004d00), 0x7fffffffffffd33, 0x20000890)
syz_usb_connect$cdc_ncm(0x6, 0x8f, 0x0, 0x0)

5.13848858s ago: executing program 5 (id=1132):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
connect$pppl2tp(r3, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x4e20, @broadcast}, 0x1, 0x0, 0x2}}, 0x26)

4.909171252s ago: executing program 1 (id=1133):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
open(0x0, 0x14927e, 0xa0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)=@ipv6_deladdrlabel={0x1c, 0x48, 0x1, 0x70bd29, 0x25dfdbff, {0xa, 0x0, 0x80, 0x0, 0x0, 0xfffffff9}}, 0x1c}}, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1f2)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000180)='./file1\x00', 0x1218088, &(0x7f00000005c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae356940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c1a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b52a0352a82c794995bbb97c82fcde79d14fb20e5127150de"], 0xa, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZHOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2rrAwMpOZndk1uyayWXH382n24Xl+33meJxmySZEnH74823+Qx6OnX/wSWZZEbxzjOExiFL1ofBUnjL8JAOD/7LAo4vdiYZ1cEhHZ5pYFAGzQav//+23zp0tZFgCwQffffe/tnd3du+9kkcW92dcHk/KTffl3Mb7zKD6OaTyM12IYRxHV+4T6g3/ZvlcUxbyfl0ZxazY/mJTJ2QfP6uvv/BZR5bdjGKPjWPVuo8q/tXt3u4rng05+Xq7j+Xr+cZm/E8N48Th8In9nkc+7+Zik8eornfXfjmH8/FF8EtN4UC2izX+5nedvFt/+8fn75fLKfDI/mAyqulaxdZnPCwAAAAAAAAAAAAAAAAAAAAAAV9vtvDl8J78Zt2ZlV33+ztZRWtfUJaM2VY4vWknT1TkfqDQv4vvOkYJ5URe25/v046V+92BBAAAAAAAAAAAAAAAAAAAAuL6efPrZ/t50+vDxhTSa0wD6EfHn/Yh/e51xp+dmnF88qOfcm057dfNEzbO02xNbTU0Sce4yyk1c0MPyT43nTq+5afzwY7nBdS6YdXpeX77BG5vfV3N37e8ly+caRNOT1TfJd2lEW5PGinOlZw0Vsc7tly4dGq699/SFqjE/s6Y5B+Os67zx62K87klO7yKtHtWls9+oG534qXtjpec9skX8768VSXVax2BDr0QAAAAAAAAAAAAAAAAAAED77d8lg0/PjfYKXwUGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ipof/9/jca8Dq9QnMbjJ//xFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgG/goAAP///CFRHg==")

4.818974201s ago: executing program 2 (id=1134):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040091}, 0x800)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x5206, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6, 0xffffffffffffffff], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.90564412s ago: executing program 5 (id=1135):
creat(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mremap(&(0x7f0000532000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000190000/0x1000)=nil)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)

3.884049172s ago: executing program 2 (id=1136):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000500)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000300)='%pB    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000400008500000061000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r5, 0x18000000000002a0, 0x48, 0x62, &(0x7f0000000600)="b9ff03075fe9008cb89e08e086dd", 0x0, 0xfe6, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}, 0x28)

3.815008569s ago: executing program 0 (id=1137):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x2140, 0x8)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r0, 0x0, 0x32, &(0x7f0000004b00), 0x4)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/conntrack\x00', 0x2, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r1, 0x5453, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4, 0x4012011, 0xffffffffffffffff, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@ipv4_newroute={0x1c, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x2, {0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6, 0x1400}}, 0x1c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000140)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @remote}, {0x2, 0x0, @private}, 0xd0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@ipv4_newroute={0x1c, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x2900}}, 0x1c}}, 0x8c0)

2.433680083s ago: executing program 2 (id=1138):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrlimit(0x5, &(0x7f0000000500))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xe501, 0x3, 0x490, 0x320, 0x6affffff, 0x3403000b, 0x320, 0x7, 0x3f8, 0x230, 0x230, 0x3f8, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00'}, 0x0, 0x2d8, 0x320, 0x0, {0x1000000}, [@common=@unspec=@bpf0={{0x230}, {0x1, [{0x6}]}}, @common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4f0)
syz_read_part_table(0x5be, &(0x7f00000005c0)="$eJzs2z9o02kYB/AnahAUzsXJ4bAOTi6KoxmsJFFRCNEu4qCgiJgpghAhINihzdDSDKVjl1LI0j9T0wwdjpYWOpfSoUehQ6ejXQpdmuOu7+3t9Q8Inw/8ePK+7zd58gy/8Q1+aZfir263m4mI7tWTf7uvlS88u116XH4dkYm3EdHzx28z/5xkUuK/X72T1ptpPTF+rTO49zTb2ni1f/fdYuNSOv+RnuuT7b5TD8e5m8ot3fjZXy0O1XKf14v17YG11ZfTu/ly+0WjOfM8++RDyi2neiXVr1GL7/El3kclKvExqmfUf6y1df/wVrE19+nRQaEzvPAg5UqnnPO4/b/1jLxp1nvvzd4cfVibXynvXD7KVf7H2wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMWbyi3d+NlfLQ7Vcp/Xi/XtgbXVl9O7+XL7RaM58zz75EPKLad6JdWvUYvv8SXeRyUq8TGqZ9R/rLV1//BWsTX36dFBoTO88CDlSqec87j9v/WMvGnWe+/N3hx9WJtfKe9cPspVrp7THwAAAAAAAAAAAAAAAAAAAICIyBee3S49Lr+OyMTbiGj/3vvvVf9uuu+eSbk76cNm2p8Yv9YZ3HuabW282r/7brHxZ9r/kZ7rk+2+i5+Gk/o7AAD//5Yblcc=")

2.433133693s ago: executing program 5 (id=1139):
socket$inet6(0xa, 0x3, 0x84)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r1, &(0x7f00000093c0)={0x2020, 0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
getdents64(r4, 0x0, 0x0)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a5476941d71c6bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b6f178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x150, 0x0, 0x0, [{{0x200000000004, 0x0, 0x0, 0x2, 0x0, 0x0, {0x1000, 0xfffffffffffffffd, 0x0, 0x100000000, 0x2, 0x2, 0x0, 0xb, 0x2, 0xc000, 0xfffffffd, 0x0, 0x0, 0x2000}}, {0x0, 0x0, 0x1, 0x0, '\x00'}}, {{0xfffffffffffffffd, 0x1, 0x80, 0x2328, 0x6, 0x3, {0x200000005, 0x6, 0x9, 0x3, 0x9, 0x7, 0x6, 0xdf, 0x7, 0x6000, 0x2, r3, 0x0, 0xffffffff, 0xf026}}, {0x3, 0x8000000000000001, 0x5, 0x3, '.&$#\\'}}]}, 0x0, 0x0, 0x0})
close_range(r0, 0xffffffffffffffff, 0x0)

2.225283214s ago: executing program 5 (id=1140):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_procfs(0x0, &(0x7f0000000200)='net/ipv6_route\x00')
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=ANY=[@ANYBLOB="300000001800dd8d00000000000000000a00000000"], 0x30}}, 0x4090)

1.210804633s ago: executing program 2 (id=1141):
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = add_key$user(&(0x7f0000002100), &(0x7f0000002180)={'syz', 0x2}, &(0x7f0000000440)="15ecc6fd0e30c5041fef7d99ee21daeb5197225a4a16003a31931a9f19fbab6c6939422695abc18d783df36829816cdbe4efc48cf1ec87dcb4465439363cbf33c94bbd801fab9bf0d5d6db9f8e60bbb836ed81922e78a34483e90c08817ea2982da70ea81a2b272daf42c94185ee86d0a8f60ac3a271e45301", 0x79, 0xfffffffffffffffe)
r4 = add_key$user(&(0x7f0000002300), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c12863045265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b4f22cd0076beedc18056ab4bea4c825b69a7a77adcd5488684872b1bb9eb84586549e11b080468668e8fd0e52ce0705a", 0xc0, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000400)={r3, r4, r3}, 0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={'xxhash64\x00'}})

1.169081116s ago: executing program 6 (id=1142):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000001540)={0x5c, 0x2, 0x6, 0x201, 0x0, 0x0, {0xc}, [@IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}]}, 0x5c}}, 0x0)

902.973042ms ago: executing program 0 (id=1143):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000002c0)=""/100, &(0x7f0000000500)=""/74, 0xeeef0000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000080)={0x0, 0x0, 0x0, &(0x7f00000009c0)=""/251, 0x0, 0x4})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000100)=0x1)
ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000200)=&(0x7f0000000180))
syz_clone(0x900a000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x204410, &(0x7f0000000740), 0xfe, 0x4a1, &(0x7f00000001c0)="$eJzs3M1vVFUbAPDn3mnLN+3Li6h8SBWNjR8tLags3Gh0p4mJLnBjUttCKgM1tCRCiFZjcGlI3BvdGKJ/gSvdGHVl4lb3hoQoMQFdmDF35t4yU2ZKW6YdcH6/5JZz5p7pOc+ce+499x6mAXStwexHErE1In6JiP5atrHAYO2f61fPT/x19fxEEpXKq78n1XLXrp6fKIoW79uSZ4bSiPTDJK+k0ezZcyfGy+Wp03l+ZO7k2yOzZ889OX1y/PjU8alTY0eOHD40+szTY0+1Jc4srmu7353Zm/S8fvHliaMX3/zhqzQidu2r7a+P47akWxaSg1ngf1SqFhd7pC2V3Tm21aWTng42hBUpRUTWXb3V8d8fpbjRef3x4gcdbRywprJr04bWu+crwH9YEp1uAdAZxYU+u/8ttnWaetwRrjxXuwHK4r6eb7U9PZHmZXrXsP77IuLo/N+fZlvk/fDP1jWsEADoet9k858nms3/0thVV257voYyEBH/i4gdEfH/iNgZEfdEVMvem89nVqK2NFRayN88/0wvrzq4Zcjmf8/ma1uN879i9hcDpTy3rRp/b3Jsujx1MP9MhqJ3Q5YfXaKOb1/4+eNW+wbr5n/ZltVfzAXzdlzuWfSAbnJ8brxdk9Ir70fs7mkWf7KwEpBExP0RsXtlv3p7kZh+7NLeVoVuHf8S2rDOVPks4tFa/8/HovgLydLrkyMbozx1cKQ4Km72408XXmle+8bbi78Nsv7f3Hj8LyrR/2dSv147u/I6Lvz6Uct7ytUe/33Ja9Ux2Ze/9s743Nzp0Yi+5KVqvuH1sRvvLfJF+Sz+oQPNx/+O/D1Z/HsiIjuI90XEAxGxP2/7gxHxUEQcWCL+759/+K0VxT+9vv0/2fT8t3D8DzT2/8oTpRPffd2q/jz+4mTbov8PV1ND+SvV898ttG5OlKciKpVVH80AAABw98luvLdGkg4vpNN0eLj2f/h3xua0PDM79/ixmTOnJmvfERiI3rR40tWfPw/N7rZHk/n8N9aej47lz4qL56WH8ufGn5Q2VfPDEzPlyQ7HDt1uS4vxn/mt1OnWAWvO97Wgey0e/2mH2gGsP9d/6F7GP3Qv4x+6V934//LMhT3VxHvVn/sXdjRdC1jiL4cAd4dF1/9Ln3eqIcC6M/+H7mX8Q/cy/qEr3c73+juT2JS3/FaF+zrf1NUlvuidLWXx1e1KeiI637DGRKRLlXkjmu8ajIg1aljcER9LuxPJMg715SaOHc+HznIKd/KsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0D7/BgAA//9ajd4t")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

283.432193ms ago: executing program 2 (id=1144):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xbf5ce000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="0a000000d2cf00003d36000002"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0x3, r3}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={r3, &(0x7f0000001940), &(0x7f00000002c0)=""/187}, 0x20)

269.932044ms ago: executing program 5 (id=1145):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000100)={<r2=>0xffffffffffffffff}, 0x800)
r3 = timerfd_create(0x0, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000080)={{}, {0x77359400}}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x8004, &(0x7f00000005c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
ioctl$TFD_IOC_SET_TICKS(r3, 0x40085400, &(0x7f0000000200)=0x7fffffff)
socket$unix(0x1, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
clock_adjtime(0x0, &(0x7f0000000280)={0xc979, 0x1, 0xbf, 0x8, 0x8, 0x1, 0x0, 0x4, 0xf27, 0x80000000, 0x6, 0x3ff, 0x8a8, 0x6, 0x5, 0x413, 0x69, 0x2, 0x6, 0x6, 0x10000, 0x168, 0x2cbf, 0x7, 0xe, 0x5})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1f, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)

0s ago: executing program 1 (id=1146):
socket(0x2000000000000021, 0x2, 0x10000000000002)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x15)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
pipe2$watch_queue(&(0x7f0000000000), 0x80)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0xb, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x400000000, 0x0, 0x8, 0x1000, 0x4}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0xc3ac, 0x2}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)
unshare(0x6a040000)

kernel console output (not intermixed with test programs):

94967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.1.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[   80.206194][   T13] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   80.219008][   T13] usb 3-1: New USB device found, idVendor=05ac, idProduct=0259, bcdDevice= 0.00
[   80.224690][   T26] audit: type=1326 audit(1761122744.593:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.1.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[   80.228399][   T13] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.267713][   T13] usb 3-1: config 0 descriptor??
[   80.313358][   T13] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input5
[   80.351267][   T26] audit: type=1326 audit(1761122744.603:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.1.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[   80.884676][ T4393] IPVS: sh: TCP [::]:0 - no destination available
[   81.207391][   T26] audit: type=1326 audit(1761122744.603:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.1.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[   81.283249][ T3545] bcm5974 3-1:0.0: could not read from device
[   81.294363][   T26] audit: type=1326 audit(1761122744.603:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.1.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[   81.315789][ T4412] Zero length message leads to an empty skb
[   81.340215][   T13] usb 3-1: USB disconnect, device number 2
[   81.346199][ T3545] bcm5974 3-1:0.0: could not read from device
[   81.357408][ T3545] bcm5974 3-1:0.0: could not read from device
[   81.364501][ T3545] bcm5974 3-1:0.0: could not read from device
[   81.394087][   T26] audit: type=1326 audit(1761122744.603:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.1.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[   81.428248][   T26] audit: type=1326 audit(1761122744.603:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.1.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[   81.431542][ T4415] loop4: detected capacity change from 0 to 512
[   81.468417][   T26] audit: type=1326 audit(1761122744.603:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.1.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[   81.890093][ T4393] syz.2.28 (4393) used greatest stack depth: 19680 bytes left
[   81.980134][ T4415] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,inode_readahead_blks=0x0000000000000800,minixdf,,errors=continue. Quota mode: writeback.
[   82.346319][ T4415] ext4 filesystem being mounted at /6/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   82.357845][ T4430] netlink: 8 bytes leftover after parsing attributes in process `syz.3.38'.
[   82.515169][ T4430] netlink: 1032 bytes leftover after parsing attributes in process `syz.3.38'.
[   83.626416][ T4444] =======================================================
[   83.626416][ T4444] WARNING: The mand mount option has been deprecated and
[   83.626416][ T4444]          and is ignored by this kernel. Remove the mand
[   83.626416][ T4444]          option from the mount to silence this warning.
[   83.626416][ T4444] =======================================================
[   83.712923][ T4449] kernel profiling enabled (shift: 6)
[   84.706523][ T4468] netlink: 24 bytes leftover after parsing attributes in process `syz.4.49'.
[   86.243057][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   86.327860][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!!
[   86.337404][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!!
[   86.366073][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!!
[   86.375085][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!!
[   86.384056][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!!
[   86.393022][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!!
[   86.402008][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!!
[   86.410985][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   86.419950][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   86.954656][    T7] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   86.976657][ T1324] cfg80211: failed to load regulatory.db
[   87.926207][    T7] usb 5-1: Using ep0 maxpacket: 8
[   88.046515][    T7] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[   88.123850][    T7] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[   89.636819][    T7] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   89.647064][    T7] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   89.660306][    T7] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   89.669620][    T7] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.006278][    T7] usb 5-1: usb_control_msg returned -71
[   90.011902][    T7] usbtmc 5-1:16.0: can't read capabilities
[   90.226090][    T7] usb 5-1: USB disconnect, device number 2
[   90.742611][ T4522] loop7: detected capacity change from 0 to 7
[   90.820438][    C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   90.831606][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   90.844031][    C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   90.846656][ T4526] syz.1.66 sent an empty control message without MSG_MORE.
[   90.854996][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   90.908199][    C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   90.919189][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.783625][    C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.794586][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   91.840063][    C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   91.851084][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   92.397498][ T4532] device vlan2 entered promiscuous mode
[   92.424413][ T4536] netlink: 'syz.4.69': attribute type 3 has an invalid length.
[   92.439170][    C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.450328][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   92.471181][ T4536] netlink: 'syz.4.69': attribute type 3 has an invalid length.
[   92.471396][    C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.489727][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   92.497770][ T4522] ldm_validate_partition_table(): Disk read failed.
[   92.513910][    C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.515298][ T4536] netlink: 'syz.4.69': attribute type 3 has an invalid length.
[   92.524922][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   92.537145][    C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.551656][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   92.560323][    C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   92.571255][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   92.583268][ T4536] netlink: 'syz.4.69': attribute type 3 has an invalid length.
[   92.592098][ T4536] netlink: 'syz.4.69': attribute type 3 has an invalid length.
[   92.602839][ T4522] Dev loop7: unable to read RDB block 0
[   92.615923][ T4536] netlink: 'syz.4.69': attribute type 3 has an invalid length.
[   92.624680][ T4522]  loop7: unable to read partition table
[   92.635101][ T4522] loop7: partition table beyond EOD, truncated
[   92.641780][ T4536] netlink: 'syz.4.69': attribute type 3 has an invalid length.
[   92.648741][ T4522] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[   92.671928][ T4536] netlink: 'syz.4.69': attribute type 3 has an invalid length.
[   92.681207][ T4536] netlink: 'syz.4.69': attribute type 3 has an invalid length.
[   92.689478][ T4536] netlink: 'syz.4.69': attribute type 3 has an invalid length.
[   92.730994][ T4541] tipc: Started in network mode
[   92.746300][ T4541] tipc: Node identity fffffffa, cluster identity 4711
[   92.767817][ T4541] tipc: Node number set to 4294967290
[   92.901683][ T4549] ieee802154 phy0 wpan0: encryption failed: -22
[   92.948591][ T4549] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   93.048525][ T4554] loop3: detected capacity change from 0 to 512
[   94.351026][ T4560] binder: 4559:4560 ioctl c0306201 200000000240 returned -11
[   94.373125][ T4554] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   94.384374][ T4554] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.514488][ T4570] loop0: detected capacity change from 0 to 4096
[   95.906117][ T2300] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   96.426985][ T2300] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[   96.729650][ T4570] EXT4-fs (loop0): Test dummy encryption mode enabled
[   96.739801][ T2300] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.766196][ T2300] usb 5-1: Product: syz
[   96.778047][ T4570] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[   96.811672][ T2300] usb 5-1: Manufacturer: syz
[   96.829087][ T4570] System zones: 0-5
[   96.836351][ T2300] usb 5-1: SerialNumber: syz
[   96.865377][ T4570] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,delalloc,journal_ioprio=0x0000000000000000,test_dummy_encryption,nodiscard,min_batch_time=0x0000000000000004,acl,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[   97.016258][ T4260] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[   97.236529][ T4570] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[   97.301655][ T4570] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   97.378699][ T4579] udc-core: couldn't find an available UDC or it's busy
[   97.385693][ T4579] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   97.436322][ T4260] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   97.442178][ T2300] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71
[   97.457767][ T4260] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   97.485128][ T4260] usb 2-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[   97.496836][ T4260] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   97.506245][ T2300] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71
[   97.518963][ T4260] usb 2-1: config 0 descriptor??
[   97.533900][ T2300] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[   97.560374][ T2300] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[   97.583507][ T2300] lan78xx: probe of 5-1:1.0 failed with error -71
[   97.630364][ T2300] usb 5-1: USB disconnect, device number 3
[   97.764502][ T4612] loop3: detected capacity change from 0 to 1024
[   97.799507][ T4612] EXT4-fs (loop3): Ignoring removed oldalloc option
[   97.818478][ T4612] EXT4-fs (loop3): Ignoring removed bh option
[   97.824626][ T4612] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   97.894244][ T4612] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,nobarrier,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[   98.016711][ T4612] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[   98.046241][ T4260] usbhid 2-1:0.0: can't add hid device: -71
[   98.135593][ T4618] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   98.735031][ T4621] loop4: detected capacity change from 0 to 128
[   98.773420][ T4260] usbhid: probe of 2-1:0.0 failed with error -71
[   98.786824][ T4260] usb 2-1: USB disconnect, device number 2
[  100.456552][ T4651] sctp: [Deprecated]: syz.3.102 (pid 4651) Use of struct sctp_assoc_value in delayed_ack socket option.
[  100.456552][ T4651] Use struct sctp_sack_info instead
[  102.704676][ T4672] netlink: 12 bytes leftover after parsing attributes in process `syz.0.107'.
[  102.880495][ T4670] netlink: 8 bytes leftover after parsing attributes in process `syz.3.109'.
[  102.912338][ T4670] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  102.922406][ T4670] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  102.931562][ T4670] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  102.940325][ T4670] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  103.614034][ T4690] chnl_net:caif_netlink_parms(): no params data found
[  104.463848][ T4706] tipc: Started in network mode
[  104.493554][ T4706] tipc: Node identity 7f000001, cluster identity 4711
[  104.533612][ T4706] tipc: Enabled bearer <udp:syz2>, priority 10
[  104.623383][ T4690] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.642815][ T4690] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.675920][ T4690] device bridge_slave_0 entered promiscuous mode
[  104.711738][ T4690] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.743143][ T4690] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.757320][ T4690] device bridge_slave_1 entered promiscuous mode
[  104.785374][ T4723] loop3: detected capacity change from 0 to 4096
[  104.854949][ T4690] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.862658][ T4690] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.898989][ T4730] binder: BINDER_SET_CONTEXT_MGR already set
[  104.899073][ T4730] binder: 4729:4730 ioctl 4018620d 200000000040 returned -16
[  104.985954][ T4723] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  105.080285][ T4690] team0: Port device team_slave_0 added
[  105.082405][ T4690] team0: Port device team_slave_1 added
[  105.147391][ T4563] Bluetooth: hci4: command 0x0409 tx timeout
[  105.204866][ T4690] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.204932][ T4690] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.204958][ T4690] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.213238][ T4690] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.213255][ T4690] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.213280][ T4690] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.353562][ T4690] device hsr_slave_0 entered promiscuous mode
[  105.356603][ T4690] device hsr_slave_1 entered promiscuous mode
[  105.358199][ T4690] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  105.358298][ T4690] Cannot create hsr debugfs directory
[  105.400713][   T26] kauditd_printk_skb: 17 callbacks suppressed
[  105.400729][   T26] audit: type=1804 audit(1761122770.553:29): pid=4742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.127" name="/newroot/26/file0" dev="fuse" ino=1 res=1 errno=0
[  105.405322][   T26] audit: type=1804 audit(1761122770.553:30): pid=4742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.127" name="/newroot/26/file0" dev="fuse" ino=1 res=1 errno=0
[  105.533605][ T4563] tipc: Node number set to 2130706433
[  106.903070][ T4762] netlink: 72 bytes leftover after parsing attributes in process `syz.1.131'.
[  107.352939][   T13] Bluetooth: hci4: command 0x041b tx timeout
[  107.389774][ T4690] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  107.432770][ T4690] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  108.630074][ T4690] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  108.698398][ T4690] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  109.198733][ T4690] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.994341][ T2300] Bluetooth: hci4: command 0x040f tx timeout
[  110.078830][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  110.222388][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  110.263932][ T4690] 8021q: adding VLAN 0 to HW filter on device team0
[  111.240537][ T4813]  
[  111.401329][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  111.416415][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  111.596279][ T4283] bridge0: port 1(bridge_slave_0) entered blocking state
[  111.603398][ T4283] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.616574][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  111.645704][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  111.654727][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  111.670723][ T4283] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.678179][ T4283] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.774969][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  111.783882][ T4828] loop3: detected capacity change from 0 to 512
[  111.797226][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  111.812252][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  111.843075][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  112.061808][   T13] Bluetooth: hci4: command 0x0419 tx timeout
[  112.090569][ T4276] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.642972][ T4828] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  112.668409][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  112.705106][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  112.716484][ T4828] ext4 filesystem being mounted at /30/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  112.745551][ T4828] EXT4-fs error (device loop3): ext4_do_update_inode:5210: inode #2: comm syz.3.146: corrupted inode contents
[  112.768306][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  112.784583][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  112.805508][ T4828] EXT4-fs error (device loop3): ext4_dirty_inode:6046: inode #2: comm syz.3.146: mark_inode_dirty error
[  112.824469][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  112.852220][ T4854] batman_adv: batadv0: Adding interface: dummy0
[  112.865086][ T4828] EXT4-fs error (device loop3): ext4_do_update_inode:5210: inode #2: comm syz.3.146: corrupted inode contents
[  112.888886][ T4828] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz.3.146: mark_inode_dirty error
[  112.934717][ T4854] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  112.960015][    C0] vkms_vblank_simulate: vblank timer overrun
[  113.018909][ T4854] batman_adv: batadv0: Interface activated: dummy0
[  113.192282][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  113.203910][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  114.766043][    C1] sched: RT throttling activated
[  114.959268][ T4690] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  115.013041][ T4276] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.091782][ T4850] batadv0: mtu less than device minimum
[  115.137371][ T4850] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  115.150396][ T4850] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  115.162916][ T4850] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  115.175443][ T4850] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  115.187950][ T4850] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  115.200510][ T4850] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  115.213136][ T4850] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  115.225678][ T4850] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  115.238175][ T4850] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  115.262484][ T4865] loop0: detected capacity change from 0 to 2048
[  115.304771][ T4865] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  115.335096][ T4865] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  115.369413][ T4276] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.382338][ T4865] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  115.514079][ T4276] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  115.665350][ T4563] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  115.692383][ T4874] loop2: detected capacity change from 0 to 1024
[  115.700419][ T4875] UDF-fs: unknown compression code (44)
[  115.776887][ T4563] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  115.781555][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  115.911258][ T4874] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  116.056503][ T4865] loop_set_status: loop0 () has still dirty pages (nrpages=4)
[  116.081037][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  116.108310][ T4874] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  116.248205][ T4874] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  116.293643][ T4690] 8021q: adding VLAN 0 to HW filter on device batadv0
[  116.667159][ T4874] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodioread_nolock,nolazytime,abort,errors=continue,dioread_nolock,jqfmt=vfsv0,nomblk_io_submit,nobarrier,,errors=continue. Quota mode: writeback.
[  118.940458][   T26] audit: type=1326 audit(1761122784.093:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4910 comm="syz.3.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c09febfc9 code=0x7ffc0000
[  119.025586][   T26] audit: type=1326 audit(1761122784.093:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4910 comm="syz.3.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c09febfc9 code=0x7ffc0000
[  119.051936][   T26] audit: type=1326 audit(1761122784.093:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4910 comm="syz.3.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c09febfc9 code=0x7ffc0000
[  119.078751][   T26] audit: type=1326 audit(1761122784.093:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4910 comm="syz.3.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c09febfc9 code=0x7ffc0000
[  119.104598][   T26] audit: type=1326 audit(1761122784.123:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4910 comm="syz.3.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c09febfc9 code=0x7ffc0000
[  119.141183][   T26] audit: type=1326 audit(1761122784.123:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4910 comm="syz.3.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c09febfc9 code=0x7ffc0000
[  119.211038][   T26] audit: type=1326 audit(1761122784.123:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4910 comm="syz.3.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c09febfc9 code=0x7ffc0000
[  119.268320][ T4920] tipc: Started in network mode
[  119.273236][ T4920] tipc: Node identity 22bdd58d6307, cluster identity 4711
[  119.284293][   T26] audit: type=1326 audit(1761122784.123:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4910 comm="syz.3.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c09febfc9 code=0x7ffc0000
[  120.279322][ T4920] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  120.286289][   T26] audit: type=1326 audit(1761122784.123:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4910 comm="syz.3.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c09febfc9 code=0x7ffc0000
[  120.326146][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  120.357265][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  120.425774][   T26] audit: type=1326 audit(1761122784.123:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4910 comm="syz.3.167" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c09febfc9 code=0x7ffc0000
[  120.473398][ T4920] tipc: Disabling bearer <eth:syzkaller0>
[  120.486370][ T4932] loop1: detected capacity change from 0 to 128
[  120.559769][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  120.589847][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  120.618871][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  120.634019][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  120.644069][ T4690] device veth0_vlan entered promiscuous mode
[  120.730563][ T4690] device veth1_vlan entered promiscuous mode
[  120.749724][ T4932] attempt to access beyond end of device
[  120.749724][ T4932] loop1: rw=2049, want=505, limit=128
[  120.811811][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  120.839775][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  120.851395][ T4932] attempt to access beyond end of device
[  120.851395][ T4932] loop1: rw=524288, want=369, limit=128
[  120.853541][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  120.878394][ T4932] attempt to access beyond end of device
[  120.878394][ T4932] loop1: rw=0, want=153, limit=128
[  120.900817][ T4932] attempt to access beyond end of device
[  120.900817][ T4932] loop1: rw=0, want=153, limit=128
[  120.912143][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  120.920485][ T4932] attempt to access beyond end of device
[  120.920485][ T4932] loop1: rw=0, want=153, limit=128
[  120.953008][ T4932] attempt to access beyond end of device
[  120.953008][ T4932] loop1: rw=0, want=153, limit=128
[  120.995173][ T4932] attempt to access beyond end of device
[  120.995173][ T4932] loop1: rw=0, want=153, limit=128
[  121.029756][ T4932] attempt to access beyond end of device
[  121.029756][ T4932] loop1: rw=0, want=153, limit=128
[  121.048288][ T4932] attempt to access beyond end of device
[  121.048288][ T4932] loop1: rw=0, want=153, limit=128
[  121.061952][ T4690] device veth0_macvtap entered promiscuous mode
[  121.069844][ T4932] attempt to access beyond end of device
[  121.069844][ T4932] loop1: rw=0, want=153, limit=128
[  121.079549][ T4690] device veth1_macvtap entered promiscuous mode
[  121.964783][ T4690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.977983][ T4690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.988327][ T4690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.002069][ T4690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.012459][ T4690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.023125][ T4690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.037575][ T4690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.039306][ T4954] syz.3.174[4954] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.048608][ T4690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.063009][ T4954] syz.3.174[4954] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.085516][ T4690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  122.107772][ T4690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.121453][ T4690] batman_adv: batadv0: Interface activated: batadv_slave_0
[  122.133650][ T4690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.155218][ T4690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.165786][ T4690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.177762][ T4690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.189390][ T4690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.200153][ T4690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.210509][ T4690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.221604][ T4956] loop2: detected capacity change from 0 to 1024
[  122.236159][ T4690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.246833][ T4690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  122.257891][ T4690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  122.273585][ T4690] batman_adv: batadv0: Interface activated: batadv_slave_1
[  122.338067][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  122.347413][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  122.369438][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  122.392328][ T4956] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  122.395409][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  122.486991][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  122.496898][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  122.530220][ T4690] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.572369][ T4690] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.620673][ T4969] capability: warning: `syz.0.178' uses deprecated v2 capabilities in a way that may be insecure
[  122.640587][ T4690] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.693453][ T4690] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.743109][ T4964] validate_nla: 43 callbacks suppressed
[  122.743127][ T4964] netlink: 'syz.1.175': attribute type 27 has an invalid length.
[  122.862925][ T4964] netlink: 'syz.1.175': attribute type 1 has an invalid length.
[  122.935734][ T4964] bridge0: port 1(bridge_slave_0) entered learning state
[  123.196850][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.213588][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.275923][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  123.325232][ T4212] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  123.366164][ T4212] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.376003][ T4283] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  127.769249][   T26] kauditd_printk_skb: 80 callbacks suppressed
[  127.769265][   T26] audit: type=1326 audit(1761122792.923:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.5.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7ffc0000
[  128.036700][   T26] audit: type=1326 audit(1761122792.923:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.5.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7ffc0000
[  128.100010][ T4276] device hsr_slave_0 left promiscuous mode
[  128.130169][   T26] audit: type=1326 audit(1761122792.923:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.5.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f5a41d4afc9 code=0x7ffc0000
[  128.155529][ T4276] device hsr_slave_1 left promiscuous mode
[  128.679164][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  128.706574][   T26] audit: type=1326 audit(1761122792.953:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.5.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7ffc0000
[  128.903220][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_0
[  128.934637][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  128.947669][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_1
[  129.202865][   T26] audit: type=1326 audit(1761122792.953:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.5.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f5a41d4afc9 code=0x7ffc0000
[  129.231614][ T4276] device bridge_slave_1 left promiscuous mode
[  129.254610][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.477755][ T5042] loop2: detected capacity change from 0 to 8192
[  129.485192][   T26] audit: type=1326 audit(1761122792.953:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.5.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7ffc0000
[  129.610100][   T26] audit: type=1326 audit(1761122792.953:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5015 comm="syz.5.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7ffc0000
[  129.637328][ T4276] device bridge_slave_0 left promiscuous mode
[  129.657996][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.398882][ T5068] rdma_op ffff8880572ef1f0 conn xmit_rdma 0000000000000000
[  131.157358][ T4276] device veth1_macvtap left promiscuous mode
[  131.169610][ T4276] device veth0_macvtap left promiscuous mode
[  131.207547][ T4276] device veth1_vlan left promiscuous mode
[  131.213878][ T4276] device veth0_vlan left promiscuous mode
[  132.086405][ T5082] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  132.749136][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  132.755516][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  133.509421][ T4276] team0 (unregistering): Port device team_slave_1 removed
[  133.525175][ T4276] team0 (unregistering): Port device team_slave_0 removed
[  133.543070][ T4276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  133.557926][ T4276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  133.628655][ T4276] bond0 (unregistering): Released all slaves
[  133.746599][ T5094] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  134.956907][ T5123] netlink: 4 bytes leftover after parsing attributes in process `syz.1.216'.
[  135.041256][ T5130] process 'syz.3.219' launched './file1' with NULL argv: empty string added
[  136.465226][ T5156] netlink: 4 bytes leftover after parsing attributes in process `syz.0.226'.
[  141.709155][ T5156] device hsr_slave_0 left promiscuous mode
[  141.767153][   T26] audit: type=1326 audit(1761122806.923:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5174 comm="syz.2.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  141.877286][   T26] audit: type=1326 audit(1761122806.953:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5174 comm="syz.2.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  141.971048][ T5179] bridge0: port 3(vlan2) entered blocking state
[  142.009524][   T26] audit: type=1326 audit(1761122806.953:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5174 comm="syz.2.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  142.022582][ T5179] bridge0: port 3(vlan2) entered disabled state
[  142.128529][ T5179] device vlan2 entered promiscuous mode
[  142.134283][   T26] audit: type=1326 audit(1761122806.953:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5174 comm="syz.2.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  142.134556][ T5179] net_ratelimit: 10 callbacks suppressed
[  142.134571][ T5179] bridge0: mtu less than device minimum
[  142.266089][   T26] audit: type=1326 audit(1761122806.953:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5174 comm="syz.2.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  142.277758][ T5180] netlink: 8 bytes leftover after parsing attributes in process `syz.3.231'.
[  142.403041][   T26] audit: type=1326 audit(1761122806.953:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5174 comm="syz.2.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  142.501907][   T26] audit: type=1326 audit(1761122806.983:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5174 comm="syz.2.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  142.598388][   T26] audit: type=1326 audit(1761122806.983:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5174 comm="syz.2.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  142.696118][   T26] audit: type=1326 audit(1761122806.983:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5174 comm="syz.2.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  144.186905][ T5217] netlink: 'syz.3.240': attribute type 2 has an invalid length.
[  144.694949][   T26] audit: type=1326 audit(1761122806.983:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5174 comm="syz.2.230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  144.939112][ T5213] netlink: 4 bytes leftover after parsing attributes in process `syz.0.242'.
[  146.517931][ T4303] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  146.564653][ T4303] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  146.808563][ T5226] loop3: detected capacity change from 0 to 2048
[  146.860920][ T5239] netlink: 4 bytes leftover after parsing attributes in process `syz.2.248'.
[  147.623104][ T5226] EXT4-fs (loop3): quotafile must be on filesystem root
[  149.334796][ T5274] netlink: 24 bytes leftover after parsing attributes in process `syz.5.256'.
[  149.438566][ T5277] loop1: detected capacity change from 0 to 164
[  149.452533][ T5281] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  149.581856][ T5277] iso9660: Corrupted directory entry in block 4 of inode 1792
[  149.780841][ T5286] dns_resolver: Unsupported server list version (255)
[  150.551748][ T5296] netlink: 'syz.1.261': attribute type 10 has an invalid length.
[  150.637247][ T5297] loop2: detected capacity change from 0 to 2048
[  150.709009][ T5296] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  150.723922][ T5297] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  150.763718][ T5300] netlink: 'syz.1.261': attribute type 10 has an invalid length.
[  151.015213][ T5300] team0: Failed to send options change via netlink (err -105)
[  151.046704][ T5300] team0: Port device macvlan1 added
[  152.458407][ T5325] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  152.484697][ T5325] CIFS mount error: No usable UNC path provided in device string!
[  152.484697][ T5325] 
[  152.495403][ T5325] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  155.450482][ T5350] input: syz0 as /devices/virtual/input/input6
[  155.466664][ T5351] netlink: 28 bytes leftover after parsing attributes in process `syz.2.276'.
[  155.522997][ T5351] netlink: 'syz.2.276': attribute type 7 has an invalid length.
[  155.583691][ T5351] netlink: 4 bytes leftover after parsing attributes in process `syz.2.276'.
[  155.938472][ T5351] device team0 entered promiscuous mode
[  155.944197][ T5351] device team_slave_0 entered promiscuous mode
[  155.955188][ T5351] device team_slave_1 entered promiscuous mode
[  155.995251][ T5351] device bond0 entered promiscuous mode
[  156.049574][ T5351] device bond_slave_0 entered promiscuous mode
[  156.059241][ T5351] device bond_slave_1 entered promiscuous mode
[  156.429395][ T5351] 8021q: adding VLAN 0 to HW filter on device hsr1
[  156.629048][ T5368] loop0: detected capacity change from 0 to 2048
[  156.699714][ T4462] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[  156.754140][ T5368] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  158.429830][ T5382] deleting an unspecified loop device is not supported.
[  158.646890][   T26] kauditd_printk_skb: 17 callbacks suppressed
[  158.646908][   T26] audit: type=1326 audit(1761122823.743:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5391 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  158.761752][   T26] audit: type=1326 audit(1761122823.743:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5391 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  160.646222][   T26] audit: type=1326 audit(1761122823.743:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5391 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  160.737532][   T26] audit: type=1326 audit(1761122823.743:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5391 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  160.763517][   T26] audit: type=1326 audit(1761122823.743:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5391 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  160.796076][   T26] audit: type=1326 audit(1761122823.743:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5391 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  160.867671][ T5409] netlink: 28 bytes leftover after parsing attributes in process `syz.5.294'.
[  160.942922][ T5409] netlink: 'syz.5.294': attribute type 7 has an invalid length.
[  161.029436][ T5409] netlink: 4 bytes leftover after parsing attributes in process `syz.5.294'.
[  161.059180][   T26] audit: type=1326 audit(1761122823.753:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5391 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  161.092460][ T5409] device team0 entered promiscuous mode
[  161.104561][ T5416] loop1: detected capacity change from 0 to 512
[  161.189317][ T5419] xt_socket: unknown flags 0x4c
[  161.902622][ T5422] loop3: detected capacity change from 0 to 512
[  161.913168][   T26] audit: type=1326 audit(1761122823.753:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5391 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  162.081887][ T5409] device team_slave_0 entered promiscuous mode
[  162.090290][   T26] audit: type=1326 audit(1761122823.753:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5391 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  162.092101][ T5409] device team_slave_1 entered promiscuous mode
[  162.119821][   T26] audit: type=1326 audit(1761122823.753:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5391 comm="syz.1.287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  162.974201][ T5409] device bond0 entered promiscuous mode
[  163.043866][ T5409] device bond_slave_0 entered promiscuous mode
[  163.054944][ T5409] device bond_slave_1 entered promiscuous mode
[  163.213838][ T5416] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  163.267722][ T5416] ext4 filesystem being mounted at /64/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  163.403504][ T5422] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,max_dir_size_kb=0x0000000000000002,. Quota mode: writeback.
[  163.418231][ T5422] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.433497][ T5409] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  163.446279][ T5409] Cannot create hsr debugfs directory
[  163.452224][ T5409] 8021q: adding VLAN 0 to HW filter on device hsr1
[  163.512269][ T4368] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[  163.717355][ T4187] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0)
[  163.827752][ T4187] EXT4-fs (loop3): Remounting filesystem read-only
[  163.835966][ T4187] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid magic - magic 0, entries 0, max 0(0), depth 0(0)
[  164.684057][ T4187] EXT4-fs (loop3): Remounting filesystem read-only
[  164.721191][ T5439] netlink: 16 bytes leftover after parsing attributes in process `syz.5.302'.
[  164.871880][ T5446] binder: BINDER_SET_CONTEXT_MGR already set
[  164.959977][ T5446] binder: 5445:5446 ioctl 4018620d 200000000040 returned -16
[  165.202854][ T4276] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  165.245101][ T4276] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.422625][ T4276] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  166.576071][ T4276] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  166.758103][ T4276] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  166.796111][ T4276] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  167.055866][ T5450] syz.0.304 (5450): drop_caches: 2
[  167.853930][ T4276] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  167.883072][ T4276] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.127782][ T5487] netlink: 8 bytes leftover after parsing attributes in process `syz.2.313'.
[  169.160022][ T5489] netlink: 'syz.2.313': attribute type 10 has an invalid length.
[  169.249984][ T5501] netlink: 16 bytes leftover after parsing attributes in process `syz.1.316'.
[  169.456438][ T4276] tipc: Left network mode
[  170.053048][   T26] kauditd_printk_skb: 13 callbacks suppressed
[  170.053083][   T26] audit: type=1326 audit(1761122835.203:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5516 comm="syz.2.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  170.435832][   T26] audit: type=1326 audit(1761122835.243:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5516 comm="syz.2.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  170.529072][   T26] audit: type=1326 audit(1761122835.273:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5516 comm="syz.2.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  170.551543][   T26] audit: type=1326 audit(1761122835.523:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5516 comm="syz.2.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  170.574400][   T26] audit: type=1326 audit(1761122835.523:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5516 comm="syz.2.322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  170.596673][    C0] vkms_vblank_simulate: vblank timer overrun
[  171.632886][ T5548] 8021q: VLANs not supported on vcan0
[  171.659221][ T5548] netlink: 788 bytes leftover after parsing attributes in process `syz.5.330'.
[  171.749258][ T5520] chnl_net:caif_netlink_parms(): no params data found
[  171.796261][ T4899] Bluetooth: hci3: command 0x0409 tx timeout
[  171.849714][ T5558] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  171.877239][ T5562] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  171.907611][ T5558] device syzkaller0 entered promiscuous mode
[  172.016214][ T5558] tipc: Resetting bearer <eth:syzkaller0>
[  172.050679][ T5556] tipc: Resetting bearer <eth:syzkaller0>
[  172.068772][ T5556] tipc: Disabling bearer <eth:syzkaller0>
[  172.186295][ T5520] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.193510][ T5520] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.202354][ T5520] device bridge_slave_0 entered promiscuous mode
[  172.232396][ T5520] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.240444][ T5520] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.308369][ T5520] device bridge_slave_1 entered promiscuous mode
[  173.072968][ T5520] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  173.137643][ T4276] device hsr_slave_0 left promiscuous mode
[  173.192066][ T4276] device hsr_slave_1 left promiscuous mode
[  173.280603][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  173.341759][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_0
[  173.427465][ T4276] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  173.494947][ T4276] batman_adv: batadv0: Removing interface: batadv_slave_1
[  173.576612][ T4276] device bridge_slave_1 left promiscuous mode
[  173.639578][ T4276] bridge0: port 2(bridge_slave_1) entered disabled state
[  173.740581][ T4276] device bridge_slave_0 left promiscuous mode
[  173.818598][ T4276] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.881630][ T4260] Bluetooth: hci3: command 0x041b tx timeout
[  173.940749][ T4276] device veth1_macvtap left promiscuous mode
[  173.956323][ T4276] device veth0_macvtap left promiscuous mode
[  173.966445][ T4276] device veth1_vlan left promiscuous mode
[  173.972278][ T4276] device veth0_vlan left promiscuous mode
[  176.576429][   T21] Bluetooth: hci3: command 0x040f tx timeout
[  176.692139][ T5627] overlayfs: failed to clone upperpath
[  176.757113][ T4276] team0 (unregistering): Port device team_slave_1 removed
[  176.785444][ T5632] binder_alloc: 5630: pid 5630 spamming oneway? 1 buffers allocated for a total size of 4096
[  176.800669][ T4276] team0 (unregistering): Port device team_slave_0 removed
[  176.843186][ T4276] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  176.877937][ T4276] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.098246][ T4276] bond0 (unregistering): Released all slaves
[  178.163553][ T5520] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  178.195555][ T5586] kthread_run failed with err -4
[  178.279863][ T5648] loop2: detected capacity change from 0 to 256
[  178.297734][ T5629] netlink: 'syz.0.344': attribute type 10 has an invalid length.
[  178.586098][ T4260] Bluetooth: hci3: command 0x0419 tx timeout
[  179.193066][ T5629] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  179.360918][ T5520] team0: Port device team_slave_0 added
[  179.429389][ T5520] team0: Port device team_slave_1 added
[  180.288492][   T26] audit: type=1326 audit(1761122845.443:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5655 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  180.378217][ T5520] batman_adv: batadv0: Adding interface: batadv_slave_0
[  180.402468][ T5520] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.495695][   T26] audit: type=1326 audit(1761122845.443:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5655 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  180.558832][   T26] audit: type=1326 audit(1761122845.673:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5655 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  180.580947][    C1] vkms_vblank_simulate: vblank timer overrun
[  180.632751][   T26] audit: type=1326 audit(1761122845.673:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5655 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  180.716295][ T5520] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  180.729237][ T5520] batman_adv: batadv0: Adding interface: batadv_slave_1
[  180.733193][   T26] audit: type=1326 audit(1761122845.673:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5655 comm="syz.1.353" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  180.736641][ T5520] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.784836][    C1] vkms_vblank_simulate: vblank timer overrun
[  181.018228][ T5520] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  181.880728][ T5520] device hsr_slave_0 entered promiscuous mode
[  181.916649][ T5520] device hsr_slave_1 entered promiscuous mode
[  182.176128][ T5682] netlink: 8 bytes leftover after parsing attributes in process `syz.0.357'.
[  182.493599][ T5682] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  183.169536][ T5683] netlink: 1032 bytes leftover after parsing attributes in process `syz.0.357'.
[  183.503906][ T5520] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  183.538401][ T5520] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  183.589530][ T5520] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  183.660908][ T5520] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  184.493400][ T5725] netlink: 12 bytes leftover after parsing attributes in process `syz.1.364'.
[  185.479293][ T5728] loop1: detected capacity change from 0 to 256
[  185.666861][ T5520] 8021q: adding VLAN 0 to HW filter on device bond0
[  185.736984][  T849] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  185.752431][ T5728] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  185.784089][  T849] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  185.822669][ T5728] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  185.864553][ T5520] 8021q: adding VLAN 0 to HW filter on device team0
[  185.904860][ T5728] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  185.920193][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  185.942611][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  185.943022][ T5736] sctp: failed to load transform for md5: -2
[  185.997859][ T4441] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.005120][ T4441] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.062101][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  186.120543][ T5749] netlink: 8 bytes leftover after parsing attributes in process `syz.2.370'.
[  186.195936][ T5749] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  186.327469][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  186.426133][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  186.588523][ T4212] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.595694][ T4212] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.819771][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  186.979700][ T5749] netlink: 1032 bytes leftover after parsing attributes in process `syz.2.370'.
[  187.095189][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  187.169342][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  187.207086][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  187.275703][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  187.307459][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  187.329059][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  187.342675][ T5770] loop0: detected capacity change from 0 to 64
[  187.350018][ T5767] loop2: detected capacity change from 0 to 2048
[  187.359057][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  187.385584][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  187.437212][ T5770] MINIX-fs: deleted inode referenced: 1
[  187.443396][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  187.464826][ T5767] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  187.482085][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  187.534384][ T5520] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  189.193930][ T5800] netlink: 12 bytes leftover after parsing attributes in process `syz.1.377'.
[  189.280356][ T5800] 8021q: adding VLAN 0 to HW filter on device bond1
[  189.304986][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  189.322893][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  189.404819][ T5805] loop2: detected capacity change from 0 to 4096
[  189.464588][ T5806] device veth3 entered promiscuous mode
[  189.485313][ T5806] bond1: (slave veth3): Enslaving as an active interface with an up link
[  189.784191][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  190.479010][ T5520] 8021q: adding VLAN 0 to HW filter on device batadv0
[  191.146152][ T1108] Bluetooth: hci0: command 0x0406 tx timeout
[  191.273512][ T4563] Bluetooth: hci2: command 0x0406 tx timeout
[  191.322061][ T4563] Bluetooth: hci1: command 0x0406 tx timeout
[  194.213772][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  194.225911][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  194.843453][ T4476] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  194.909971][ T4476] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  194.989355][ T5520] device veth0_vlan entered promiscuous mode
[  195.000810][ T5858] netlink: 'syz.0.388': attribute type 10 has an invalid length.
[  195.058616][ T5858] device syz_tun entered promiscuous mode
[  195.144994][ T5858] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  195.172236][ T5520] device veth1_vlan entered promiscuous mode
[  195.223712][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  195.283995][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  195.438121][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  195.703356][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  195.853107][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  195.914847][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  196.005195][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  196.039717][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  196.051261][ T5520] device veth0_macvtap entered promiscuous mode
[  196.561263][ T5520] device veth1_macvtap entered promiscuous mode
[  197.036103][ T5876] netlink: 4 bytes leftover after parsing attributes in process `syz.1.390'.
[  197.181761][ T5879] netlink: 'syz.5.394': attribute type 27 has an invalid length.
[  197.275914][ T5894] loop2: detected capacity change from 0 to 512
[  197.704782][ T5879] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.713270][ T5879] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.276601][ T5879] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  198.327945][ T5879] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  198.629799][ T5908] loop2: detected capacity change from 0 to 256
[  198.674770][   T26] audit: type=1804 audit(1761122863.823:188): pid=5908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.400" name="/newroot/89/file0/file1" dev="overlay" ino=499 res=1 errno=0
[  198.710446][   T26] audit: type=1804 audit(1761122863.823:189): pid=5908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.400" name="/newroot/89/file0/file1" dev="overlay" ino=499 res=1 errno=0
[  198.958057][ T5879] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.967452][ T5879] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.976968][ T5879] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  198.985871][ T5879] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  199.137202][ T5520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  199.166043][ T5520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.179778][ T5520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  199.190394][ T5520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.200245][ T5520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  199.211092][ T5520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.222238][ T5520] batman_adv: batadv0: Interface activated: batadv_slave_0
[  199.233920][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  199.248281][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  199.261692][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  199.287522][ T5520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  199.308448][ T5520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.353767][ T5520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  199.368407][ T5520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.379228][ T5520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  199.390463][ T5520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.411855][ T5520] batman_adv: batadv0: Interface activated: batadv_slave_1
[  199.441462][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  199.453756][ T4212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  199.466773][ T5520] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  199.475699][ T5520] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  199.487327][ T5520] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  199.496958][ T5520] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.259662][ T4276] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.328997][ T4276] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.490451][ T4276] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  200.521208][ T4276] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.551483][ T4276] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.554326][ T5929] device syzkaller0 entered promiscuous mode
[  200.590969][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  201.303774][ T5945] sch_tbf: burst 512 is lower than device syzkaller0 mtu (1500) !
[  204.540417][ T5977] mmap: syz.5.417 (5977) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  205.191239][ T5968] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.199032][ T5968] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.607186][ T5968] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  207.472189][ T5968] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.017730][ T6001] xt_l2tp: missing protocol rule (udp|l2tpip)
[  208.124016][ T5968] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  208.139815][ T5968] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  208.150145][ T5968] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  208.163721][ T5968] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  208.661100][ T5980] tipc: Enabled bearer <eth:team0>, priority 0
[  209.005615][   T26] audit: type=1326 audit(1761122874.153:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6023 comm="syz.0.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb5dcb7fc9 code=0x7ffc0000
[  209.062323][   T26] audit: type=1326 audit(1761122874.193:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6023 comm="syz.0.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7feb5dcb7fc9 code=0x7ffc0000
[  209.125300][   T26] audit: type=1326 audit(1761122874.193:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6023 comm="syz.0.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb5dcb7fc9 code=0x7ffc0000
[  209.149713][   T26] audit: type=1326 audit(1761122874.193:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6023 comm="syz.0.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7feb5dcb7fc9 code=0x7ffc0000
[  209.172938][   T26] audit: type=1326 audit(1761122874.203:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6023 comm="syz.0.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb5dcb7fc9 code=0x7ffc0000
[  209.204947][   T26] audit: type=1326 audit(1761122874.203:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6023 comm="syz.0.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feb5dcb7fc9 code=0x7ffc0000
[  209.248643][   T26] audit: type=1326 audit(1761122874.203:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6023 comm="syz.0.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb5dcb7fc9 code=0x7ffc0000
[  209.272106][   T26] audit: type=1326 audit(1761122874.203:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6023 comm="syz.0.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feb5dcb7fc9 code=0x7ffc0000
[  209.307529][   T26] audit: type=1326 audit(1761122874.203:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6023 comm="syz.0.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb5dcb7fc9 code=0x7ffc0000
[  209.352591][   T26] audit: type=1326 audit(1761122874.203:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6023 comm="syz.0.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7feb5dcb7fc9 code=0x7ffc0000
[  210.374221][ T6049] netlink: zone id is out of range
[  210.407489][ T6049] netlink: zone id is out of range
[  210.519924][ T6049] netlink: zone id is out of range
[  210.583018][ T6051] loop6: detected capacity change from 0 to 764
[  210.628282][ T6049] netlink: zone id is out of range
[  210.727098][ T6049] netlink: zone id is out of range
[  210.875199][ T6049] netlink: zone id is out of range
[  210.927760][ T6049] netlink: zone id is out of range
[  210.932991][ T6049] netlink: zone id is out of range
[  210.942677][ T6049] netlink: zone id is out of range
[  210.961633][ T6049] netlink: zone id is out of range
[  211.086169][ T4899] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  211.180721][ T6061] Symlink component flag not implemented
[  211.186560][ T6061] Symlink component flag not implemented
[  211.193101][ T6061] Symlink component flag not implemented (129)
[  211.199404][ T6061] Symlink component flag not implemented (6)
[  211.213620][ T6061] rock: directory entry would overflow storage
[  211.220122][ T6061] rock: sig=0x4f50, size=4, remaining=3
[  211.225748][ T6061] iso9660: Corrupted directory entry in block 6 of inode 1792
[  211.366217][ T4899] usb 2-1: Using ep0 maxpacket: 8
[  211.486532][ T4899] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  211.520950][ T4899] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  211.588156][ T4899] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  211.660358][ T4899] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  211.754283][ T4899] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  211.817400][ T4899] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.975408][ T6077] futex_wake_op: syz.6.440 tries to shift op by 32; fix this program
[  212.024914][ T6077] loop6: detected capacity change from 0 to 512
[  212.091997][ T6077] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  212.136843][ T4899] usb 2-1: GET_CAPABILITIES returned 0
[  212.142532][ T4899] usbtmc 2-1:16.0: can't read capabilities
[  212.168922][ T6077] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  212.248059][ T6077] EXT4-fs (loop6): 1 truncate cleaned up
[  212.273145][ T6077] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  212.340019][ T6043] 9pnet_virtio: no channels available for device syz
[  212.378533][ T6077] C: renamed from lo
[  212.406094][ T4899] usb 2-1: USB disconnect, device number 3
[  212.444942][ T6085] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  212.453893][ T6085] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  212.462775][ T6085] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  212.471692][ T6085] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  212.491087][ T6077] EXT4-fs error (device loop6): ext4_validate_block_bitmap:429: comm syz.6.440: bg 0: block 4: invalid block bitmap
[  212.557583][ T6085] device vxlan0 entered promiscuous mode
[  212.566578][ T6085] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[  217.200630][ T6129] binder: 6126:6129 ioctl c0306201 200000000240 returned -11
[  219.712556][ T6163] netlink: 4 bytes leftover after parsing attributes in process `syz.6.458'.
[  219.955479][ T6165] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  223.184593][ T6249] loop1: detected capacity change from 0 to 1024
[  223.632070][ T6238] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  223.814193][ T6238] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  224.048414][ T6249] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  224.905110][    T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  224.932658][    T7] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  226.996272][ T4899] Bluetooth: hci4: command 0x0406 tx timeout
[  229.404783][ T6399] fuse: Bad value for 'fd'
[  231.819610][ T6438] netlink: 12 bytes leftover after parsing attributes in process `syz.5.490'.
[  234.066172][ T6461] netlink: 'syz.0.495': attribute type 3 has an invalid length.
[  234.719218][ T6465] netlink: 'syz.1.497': attribute type 10 has an invalid length.
[  234.772851][ T6465] device veth1_macvtap left promiscuous mode
[  238.078516][ T6493] netlink: 12 bytes leftover after parsing attributes in process `syz.1.503'.
[  238.652942][ T6493] HTB: quantum of class 4000A is big. Consider r2q change.
[  239.546953][ T6497] HTB: quantum of class 4000A is big. Consider r2q change.
[  239.564745][   T26] kauditd_printk_skb: 8 callbacks suppressed
[  239.564763][   T26] audit: type=1326 audit(1761122903.723:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6490 comm="syz.2.502" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x0
[  239.982437][ T6515] device team_slave_0 entered promiscuous mode
[  239.989298][ T6515] device team_slave_1 entered promiscuous mode
[  240.052906][ T6515] device vlan2 entered promiscuous mode
[  240.063140][ T6515] device team0 entered promiscuous mode
[  240.076578][ T6515] device macvlan1 entered promiscuous mode
[  242.204778][ T6553] loop2: detected capacity change from 0 to 512
[  242.638775][ T6553] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  243.317928][ T6553] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2826: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  243.386633][ T6553] EXT4-fs (loop2): 1 truncate cleaned up
[  243.392323][ T6553] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,debug_want_extra_isize=0x0000000000000068,barrier,jqfmt=vfsold,quota,. Quota mode: writeback.
[  244.449360][ T6579] loop6: detected capacity change from 0 to 64
[  244.750488][   T26] audit: type=1800 audit(1761122909.903:209): pid=6579 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.522" name="file1" dev="loop6" ino=18 res=0 errno=0
[  246.029550][ T6608] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  247.105395][ T6619] 8021q: adding VLAN 0 to HW filter on device bond1
[  247.118567][ T6619] device bond1 entered promiscuous mode
[  247.179498][ T6619] team0: Failed to send options change via netlink (err -105)
[  247.190516][ T6624] loop1: detected capacity change from 0 to 2048
[  247.274720][ T6619] team0: Port device bond1 added
[  247.377355][    T9] team0: Failed to send port change of device bond1 via netlink (err -105)
[  247.456569][ T6624] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  247.890786][ T6650] loop1: detected capacity change from 0 to 2048
[  247.965264][ T6656] netlink: 44 bytes leftover after parsing attributes in process `syz.5.534'.
[  248.041447][ T6650] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  248.099573][ T6666] netlink: 4 bytes leftover after parsing attributes in process `syz.2.535'.
[  248.296223][ T6213] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.669169][ T6691] loop2: detected capacity change from 0 to 128
[  249.558226][   T26] audit: type=1800 audit(1761122914.713:210): pid=6691 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.544" name="file2" dev="loop2" ino=1048597 res=0 errno=0
[  249.581862][ T6691] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  249.705648][ T6691] FAT-fs (loop2): Filesystem has been set read-only
[  249.721398][ T6691] handle_bad_sector: 517 callbacks suppressed
[  249.721417][ T6691] attempt to access beyond end of device
[  249.721417][ T6691] loop2: rw=524288, want=2073, limit=128
[  249.786803][ T6691] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  249.804986][ T6691] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  249.842305][ T6691] attempt to access beyond end of device
[  249.842305][ T6691] loop2: rw=0, want=2073, limit=128
[  249.898243][ T6691] attempt to access beyond end of device
[  249.898243][ T6691] loop2: rw=0, want=2073, limit=128
[  249.972555][ T6691] attempt to access beyond end of device
[  249.972555][ T6691] loop2: rw=0, want=2073, limit=128
[  250.067213][ T6707] netlink: 341 bytes leftover after parsing attributes in process `syz.1.546'.
[  251.076239][ T6712] loop1: detected capacity change from 0 to 8192
[  251.634213][ T6712] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  252.157758][ T6730] loop0: detected capacity change from 0 to 256
[  252.245106][ T6730] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  252.316613][ T6730] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008)
[  252.375447][ T6730] exFAT-fs (loop0): error, failed to bmap (inode : ffff88805e7787e0 iblock : 8, err : -5)
[  252.441349][ T6730] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008)
[  252.453245][ T6730] exFAT-fs (loop0): error, invalid access to FAT free cluster (entry 0x00000008)
[  252.464725][   T26] audit: type=1326 audit(1761122917.613:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6734 comm="syz.1.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  252.509722][   T26] audit: type=1326 audit(1761122917.643:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6734 comm="syz.1.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  252.552748][   T26] audit: type=1326 audit(1761122917.643:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6734 comm="syz.1.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  252.615881][   T26] audit: type=1326 audit(1761122917.643:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6734 comm="syz.1.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  252.657929][   T26] audit: type=1326 audit(1761122917.643:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6734 comm="syz.1.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  252.690772][   T26] audit: type=1326 audit(1761122917.643:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6734 comm="syz.1.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  252.726059][   T26] audit: type=1326 audit(1761122917.643:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6734 comm="syz.1.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  252.756524][   T26] audit: type=1326 audit(1761122917.643:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6734 comm="syz.1.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  252.785884][   T26] audit: type=1326 audit(1761122917.643:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6734 comm="syz.1.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  252.815127][   T26] audit: type=1326 audit(1761122917.643:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6734 comm="syz.1.554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fce6fd78fc9 code=0x7ffc0000
[  252.892267][ T6755] loop0: detected capacity change from 0 to 128
[  252.956150][ T6755] EXT4-fs (loop0): Ignoring removed orlov option
[  252.997535][ T6755] EXT4-fs (loop0): mounted filesystem without journal. Opts: orlov,nodioread_nolock,,errors=continue. Quota mode: none.
[  253.014326][ T6755] ext4 filesystem being mounted at /110/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.948936][ T6785] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  254.991777][ T6785] device syzkaller0 entered promiscuous mode
[  255.164235][ T6785] tipc: Resetting bearer <eth:syzkaller0>
[  255.877358][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  255.883788][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  255.998537][ T6784] tipc: Resetting bearer <eth:syzkaller0>
[  256.295449][ T6784] tipc: Disabling bearer <eth:syzkaller0>
[  258.159339][ T6808] loop6: detected capacity change from 0 to 1024
[  258.280791][ T6808] EXT4-fs (loop6): Ignoring removed oldalloc option
[  258.301431][ T6808] EXT4-fs (loop6): Ignoring removed bh option
[  258.355825][ T6812] loop0: detected capacity change from 0 to 8192
[  258.360356][ T6808] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  258.449783][ T6812] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  258.497052][ T6808] EXT4-fs (loop6): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,usrquota,data_err=ignore,nobarrier,oldalloc,grpquota,noload,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  261.152262][ T6688] net_ratelimit: 24 callbacks suppressed
[  261.152280][ T6688] Set syz1 is full, maxelem 65536 reached
[  261.321854][ T6856] netlink: 341 bytes leftover after parsing attributes in process `syz.6.574'.
[  262.255167][ T6875] fuse: Bad value for 'fd'
[  262.289029][  T150] block nbd1: Attempted send on invalid socket
[  262.295915][  T150] print_req_error: 10 callbacks suppressed
[  262.295931][  T150] blk_update_request: I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  264.420393][ T6893] netlink: 'syz.0.593': attribute type 2 has an invalid length.
[  265.165300][   T26] kauditd_printk_skb: 2 callbacks suppressed
[  265.165317][   T26] audit: type=1326 audit(1761122930.313:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  265.316527][   T26] audit: type=1326 audit(1761122930.353:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  265.339579][   T26] audit: type=1326 audit(1761122930.353:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  265.402747][   T26] audit: type=1326 audit(1761122930.353:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  265.441952][   T26] audit: type=1326 audit(1761122930.353:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  265.465242][   T26] audit: type=1326 audit(1761122930.353:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  272.746638][   T26] audit: type=1326 audit(1761122930.353:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  272.976060][   T26] audit: type=1326 audit(1761122930.353:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  273.054945][   T26] audit: type=1326 audit(1761122930.353:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  274.206048][   T26] audit: type=1326 audit(1761122930.353:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  274.281216][   T26] audit: type=1326 audit(1761122930.353:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  274.466098][   T26] audit: type=1326 audit(1761122930.353:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  274.542534][ T6947] xt_socket: unknown flags 0x4c
[  275.174008][   T26] audit: type=1326 audit(1761122930.353:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  275.240684][   T26] audit: type=1326 audit(1761122930.353:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  275.273539][   T26] audit: type=1326 audit(1761122930.353:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  275.340136][   T26] audit: type=1326 audit(1761122930.353:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6891 comm="syz.5.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5a41d4afc9 code=0x7fc00000
[  275.617719][ T6956] netlink: 12 bytes leftover after parsing attributes in process `syz.2.600'.
[  276.785789][ T6971] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  277.138023][ T6988] tipc: Started in network mode
[  277.182931][ T6988] tipc: Node identity 927bd4856365, cluster identity 4711
[  277.223930][ T6988] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  277.266500][ T6995] device syzkaller0 entered promiscuous mode
[  277.334498][ T6988] tipc: Resetting bearer <eth:syzkaller0>
[  277.368980][ T6987] tipc: Resetting bearer <eth:syzkaller0>
[  277.421770][ T6987] tipc: Disabling bearer <eth:syzkaller0>
[  277.709678][ T7011] loop6: detected capacity change from 0 to 64
[  279.779027][ T7049] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  283.903306][ T7119] netlink: 4 bytes leftover after parsing attributes in process `syz.1.637'.
[  286.843794][ T7155] netlink: 28 bytes leftover after parsing attributes in process `syz.6.646'.
[  287.084324][ T7162] netlink: 'syz.5.648': attribute type 10 has an invalid length.
[  287.143072][ T7162] device syz_tun entered promiscuous mode
[  287.409691][ T7162] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  288.947168][ T7195] netlink: 12 bytes leftover after parsing attributes in process `syz.5.652'.
[  292.508416][ T7226] loop1: detected capacity change from 0 to 1024
[  293.820042][ T7228] syz.2.660 (7228): drop_caches: 2
[  293.823363][ T7226] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  294.258822][ T7226] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,norecovery,resgid=0x0000000000000000,nojournal_checksum,debug_want_extra_isize=0x0000000000000080,nodelalloc,errors=remount-ro,grpid,auto_da_alloc=0x0000000000000343,grpid,barrier=0x0000000000000007,nombcache,. Quota mode: none.
[  295.160546][ T7258] wlan0 speed is unknown, defaulting to 1000
[  295.237110][ T7258] wlan0 speed is unknown, defaulting to 1000
[  295.646219][ T7258] wlan0 speed is unknown, defaulting to 1000
[  295.870946][ T7258] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  295.971626][ T7258] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  296.219281][ T7289] loop1: detected capacity change from 0 to 256
[  296.993217][ T7258] wlan0 speed is unknown, defaulting to 1000
[  297.022247][ T7258] wlan0 speed is unknown, defaulting to 1000
[  297.107004][ T7258] wlan0 speed is unknown, defaulting to 1000
[  297.134753][ T7258] wlan0 speed is unknown, defaulting to 1000
[  297.180207][ T7258] wlan0 speed is unknown, defaulting to 1000
[  297.301800][ T7301] loop6: detected capacity change from 0 to 128
[  297.346462][ T7297] netlink: 'syz.2.672': attribute type 10 has an invalid length.
[  297.392782][ T7297] device syz_tun entered promiscuous mode
[  297.428579][ T7297] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  297.454663][ T7301] EXT4-fs (loop6): Ignoring removed nobh option
[  297.495868][ T7301] EXT4-fs (loop6): mounted filesystem without journal. Opts: nobh,max_dir_size_kb=0x0000000000000004,,errors=continue. Quota mode: none.
[  297.520337][ T7301] ext4 filesystem being mounted at /59/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  298.714032][ T4188] Bluetooth: hci3: link tx timeout
[  298.719720][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  298.731209][ T4188] Bluetooth: hci3: link tx timeout
[  298.736687][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  298.744837][ T4188] Bluetooth: hci3: link tx timeout
[  298.750726][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  298.759156][ T4188] Bluetooth: hci3: link tx timeout
[  298.764548][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  298.774550][ T4188] Bluetooth: hci3: link tx timeout
[  298.779947][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  298.788013][ T4188] Bluetooth: hci3: link tx timeout
[  298.795363][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  298.804410][ T4188] Bluetooth: hci3: link tx timeout
[  298.811696][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  298.819492][ T4188] Bluetooth: hci3: link tx timeout
[  298.824718][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  298.832983][ T4188] Bluetooth: hci3: link tx timeout
[  298.840278][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  298.848441][ T4188] Bluetooth: hci3: link tx timeout
[  298.854212][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  298.862440][ T4188] Bluetooth: hci3: link tx timeout
[  298.868051][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  298.876499][ T4188] Bluetooth: hci3: link tx timeout
[  298.881988][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  298.890717][ T4188] Bluetooth: hci3: link tx timeout
[  298.896527][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  298.904891][ T4188] Bluetooth: hci3: link tx timeout
[  298.912656][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  298.920992][ T4188] Bluetooth: hci3: link tx timeout
[  298.926599][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  298.935123][ T4188] Bluetooth: hci3: link tx timeout
[  298.940793][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  298.950704][ T4188] Bluetooth: hci3: link tx timeout
[  298.956383][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  298.964790][ T4188] Bluetooth: hci3: link tx timeout
[  298.970323][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  298.979183][ T4188] Bluetooth: hci3: link tx timeout
[  298.984709][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  298.993532][ T4188] Bluetooth: hci3: link tx timeout
[  298.999769][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.007881][ T4188] Bluetooth: hci3: link tx timeout
[  299.016031][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.024146][ T4188] Bluetooth: hci3: link tx timeout
[  299.029927][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.038466][ T4188] Bluetooth: hci3: link tx timeout
[  299.044806][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.053136][ T4188] Bluetooth: hci3: link tx timeout
[  299.059057][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.067950][ T4188] Bluetooth: hci3: link tx timeout
[  299.073571][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.082162][ T4188] Bluetooth: hci3: link tx timeout
[  299.087659][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.095858][ T4188] Bluetooth: hci3: link tx timeout
[  299.101794][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.110160][ T4188] Bluetooth: hci3: link tx timeout
[  299.118096][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.126990][ T4188] Bluetooth: hci3: link tx timeout
[  299.132658][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.140778][ T4188] Bluetooth: hci3: link tx timeout
[  299.146797][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.154884][ T4188] Bluetooth: hci3: link tx timeout
[  299.160908][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.169201][ T4188] Bluetooth: hci3: link tx timeout
[  299.174548][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.182942][ T4188] Bluetooth: hci3: link tx timeout
[  299.188724][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.197254][ T4188] Bluetooth: hci3: link tx timeout
[  299.202692][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.210985][ T4188] Bluetooth: hci3: link tx timeout
[  299.216775][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.227078][ T4188] Bluetooth: hci3: link tx timeout
[  299.233022][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.241025][ T4188] Bluetooth: hci3: link tx timeout
[  299.246503][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.255166][ T4188] Bluetooth: hci3: link tx timeout
[  299.260604][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.269201][ T4188] Bluetooth: hci3: link tx timeout
[  299.274706][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.283207][ T4188] Bluetooth: hci3: link tx timeout
[  299.288749][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.298351][ T4188] Bluetooth: hci3: link tx timeout
[  299.304259][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.313141][ T4188] Bluetooth: hci3: link tx timeout
[  299.321803][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.331043][ T4188] Bluetooth: hci3: link tx timeout
[  299.337292][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.346439][ T4188] Bluetooth: hci3: link tx timeout
[  299.352556][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.361628][ T4188] Bluetooth: hci3: link tx timeout
[  299.371154][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.380191][ T4188] Bluetooth: hci3: link tx timeout
[  299.386216][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.395287][ T4188] Bluetooth: hci3: link tx timeout
[  299.401154][ T4188] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  299.410039][ T4188] Bluetooth: hci3: link tx timeout
[  299.416293][ T4188] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  299.480729][ T7323] sch_tbf: burst 512 is lower than device syzkaller0 mtu (1500) !
[  300.235054][ T7346] netlink: 4 bytes leftover after parsing attributes in process `syz.2.683'.
[  300.964334][ T4246] Bluetooth: hci3: command 0x0406 tx timeout
[  301.903358][ T7364] loop2: detected capacity change from 0 to 764
[  302.239229][ T7367] netlink: 'syz.6.687': attribute type 10 has an invalid length.
[  302.673366][ T7374] Symlink component flag not implemented
[  302.679190][ T7374] Symlink component flag not implemented
[  302.685226][ T7374] Symlink component flag not implemented (129)
[  302.691635][ T7374] Symlink component flag not implemented (6)
[  302.701212][ T7374] rock: directory entry would overflow storage
[  302.707446][ T7374] rock: sig=0x4f50, size=4, remaining=3
[  302.713019][ T7374] iso9660: Corrupted directory entry in block 6 of inode 1792
[  302.722753][ T7367] device syz_tun entered promiscuous mode
[  302.737768][ T7367] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  303.154942][ T4246] Bluetooth: hci3: command 0x0406 tx timeout
[  303.219912][ T7394] netlink: 12 bytes leftover after parsing attributes in process `syz.2.705'.
[  304.625396][ T7423] netlink: 4 bytes leftover after parsing attributes in process `syz.5.698'.
[  306.403929][ T7442] loop0: detected capacity change from 0 to 2048
[  306.472380][ T7451] xt_l2tp: missing protocol rule (udp|l2tpip)
[  308.190883][ T7442] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  308.389180][ T7463] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  308.619532][ T7468] device syzkaller0 entered promiscuous mode
[  309.798043][ T7463] tipc: Resetting bearer <eth:syzkaller0>
[  309.870763][ T4303] tipc: Node number set to 1102763405
[  310.021367][ T7458] tipc: Resetting bearer <eth:syzkaller0>
[  310.053595][ T7458] tipc: Disabling bearer <eth:syzkaller0>
[  311.111148][ T7542] netlink: 4 bytes leftover after parsing attributes in process `syz.0.714'.
[  314.607767][ T7591] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  314.667450][ T7591] device syzkaller0 entered promiscuous mode
[  314.722301][ T7591] tipc: Resetting bearer <eth:syzkaller0>
[  314.788337][ T7589] tipc: Resetting bearer <eth:syzkaller0>
[  314.807046][ T7589] tipc: Disabling bearer <eth:syzkaller0>
[  317.081089][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  317.087451][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  317.612595][ T7632] loop0: detected capacity change from 0 to 64
[  319.318699][ T7646] xt_SECMARK: invalid mode: 2
[  319.863019][ T7642] netlink: 32 bytes leftover after parsing attributes in process `syz.2.744'.
[  320.025253][ T7642] netlink: 32 bytes leftover after parsing attributes in process `syz.2.744'.
[  321.590272][ T7662] ptrace attach of "./syz-executor exec"[4183] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  321.772671][ T7664] loop6: detected capacity change from 0 to 256
[  322.077077][ T7664] FAT-fs (loop6): Unrecognized mount option ";" or missing value
[  323.490715][ T7684] loop1: detected capacity change from 0 to 512
[  323.780553][ T7688] loop2: detected capacity change from 0 to 64
[  324.516196][ T7684] EXT4-fs error (device loop1): ext4_fill_super:4841: inode #2: comm syz.1.756: iget: bad i_size value: -1
[  324.534496][ T7684] EXT4-fs (loop1): get root inode failed
[  324.541738][ T7684] EXT4-fs (loop1): mount failed
[  325.043188][ T7704] loop6: detected capacity change from 0 to 1024
[  326.716378][ T7707] loop1: detected capacity change from 0 to 128
[  326.886017][ T7707] ADFS-fs (loop1): error: can't find an ADFS filesystem on dev loop1.
[  327.112026][ T7704] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  332.139019][ T7756] loop2: detected capacity change from 0 to 1024
[  332.166902][ T7755] loop0: detected capacity change from 0 to 256
[  332.252660][ T7755] FAT-fs (loop0): Unrecognized mount option ";" or missing value
[  332.281432][ T7759] device syzkaller0 entered promiscuous mode
[  332.310526][ T7756] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  333.411456][ T7778] netlink: 'syz.2.779': attribute type 29 has an invalid length.
[  333.455488][ T7778] netlink: 'syz.2.779': attribute type 29 has an invalid length.
[  333.590084][ T7783] netlink: 'syz.2.779': attribute type 29 has an invalid length.
[  333.608353][ T7778] netlink: 'syz.2.779': attribute type 29 has an invalid length.
[  333.732553][ T7778] netlink: 'syz.2.779': attribute type 29 has an invalid length.
[  334.017045][ T7778] netlink: 'syz.2.779': attribute type 29 has an invalid length.
[  334.290761][ T7778] netlink: 'syz.2.779': attribute type 29 has an invalid length.
[  334.354113][ T7778] netlink: 'syz.2.779': attribute type 29 has an invalid length.
[  336.782078][ T7806] loop6: detected capacity change from 0 to 1024
[  337.061988][ T7806] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  338.620891][ T7814] loop1: detected capacity change from 0 to 256
[  338.850827][ T7814] FAT-fs (loop1): Unrecognized mount option ";" or missing value
[  343.407349][ T7860] binder: BINDER_SET_CONTEXT_MGR already set
[  343.418425][ T7860] binder: 7859:7860 ioctl 4018620d 200000000ac0 returned -16
[  343.597820][ T7860] binder: 7859:7860 ioctl c0306201 2000000003c0 returned -14
[  343.653879][ T7867] loop0: detected capacity change from 0 to 256
[  343.681007][ T7860] syz.2.802 (7860): drop_caches: 2
[  346.529485][ T7901] netlink: 4 bytes leftover after parsing attributes in process `syz.2.814'.
[  347.638081][ T7908] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  347.678296][ T7901] bond0: (slave syz_tun): Releasing backup interface
[  351.503923][ T7949] loop6: detected capacity change from 0 to 32768
[  351.574971][ T7949] (syz.6.829,7949,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  351.592409][ T7949] (syz.6.829,7949,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  351.638285][ T7949] JBD2: Ignoring recovery information on journal
[  351.705749][ T7957] binder: 7954:7957 ioctl c0306201 2000000003c0 returned -14
[  351.722251][ T7949] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  351.901525][ T7957] binder_alloc: 7954: binder_alloc_buf, no vma
[  351.998732][ T7964] netlink: 8 bytes leftover after parsing attributes in process `syz.6.829'.
[  352.016072][ T7964] netlink: 'syz.6.829': attribute type 3 has an invalid length.
[  352.680028][ T7967] netlink: 4 bytes leftover after parsing attributes in process `syz.5.834'.
[  352.727489][ T7967] bond0: (slave syz_tun): Releasing backup interface
[  352.968693][ T7961] syz.1.831 (7961): drop_caches: 2
[  353.095647][ T5520] ocfs2: Unmounting device (7,6) on (node local)
[  353.154187][ T7980] loop2: detected capacity change from 0 to 8
[  353.211898][ T7980] SQUASHFS error: lzo decompression failed, data probably corrupt
[  353.256848][ T7980] SQUASHFS error: Failed to read block 0x91: -5
[  353.264335][ T7980] SQUASHFS error: Unable to read metadata cache entry [8f]
[  353.279624][ T7980] SQUASHFS error: Unable to read inode 0x11f
[  353.336897][ T7982] input: syz1 as /devices/virtual/input/input7
[  353.474776][ T7985] usb usb1: usbfs: process 7985 (syz.2.839) did not claim interface 6 before use
[  353.501596][ T7985] loop2: detected capacity change from 0 to 256
[  356.429469][ T8021] binder: 8020:8021 ioctl c0306201 2000000003c0 returned -14
[  357.620233][ T8032] device syzkaller0 entered promiscuous mode
[  358.010815][ T8021] syz.0.849 (8021): drop_caches: 2
[  359.984821][ T8060] program syz.2.858 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  360.702561][ T8066] IPVS: set_ctl: invalid protocol: 44 172.20.20.187:20000
[  360.982606][ T8066] netlink: 'syz.0.861': attribute type 16 has an invalid length.
[  361.098226][ T8069] loop1: detected capacity change from 0 to 40427
[  361.106070][ T8066] netlink: 'syz.0.861': attribute type 3 has an invalid length.
[  361.113742][ T8066] netlink: 132 bytes leftover after parsing attributes in process `syz.0.861'.
[  361.172275][ T8069] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  361.180535][ T8069] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  361.194566][ T8069] F2FS-fs (loop1): invalid crc value
[  361.253887][ T8069] F2FS-fs (loop1): Found nat_bits in checkpoint
[  361.331536][ T8069] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  361.338773][ T8069] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  362.316975][ T4303] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  362.499833][   T26] kauditd_printk_skb: 94 callbacks suppressed
[  362.499852][   T26] audit: type=1800 audit(1761123026.773:333): pid=8093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.865" name="file1" dev="loop1" ino=10 res=0 errno=0
[  362.578593][ T4184] attempt to access beyond end of device
[  362.578593][ T4184] loop1: rw=2049, want=40968, limit=40427
[  362.646105][ T4303] usb 3-1: Using ep0 maxpacket: 32
[  362.654292][ T8101] loop0: detected capacity change from 0 to 512
[  362.766426][ T4303] usb 3-1: config index 0 descriptor too short (expected 786, got 18)
[  362.796030][ T4303] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  362.808520][ T8101] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.872: casefold flag without casefold feature
[  362.871999][ T4303] usb 3-1: config 0 has no interface number 0
[  362.908934][ T4246] Bluetooth: hci3: command 0x0405 tx timeout
[  362.952184][ T8101] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.872: couldn't read orphan inode 15 (err -117)
[  362.982954][ T8101] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  363.066243][ T4303] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  363.089032][ T4303] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  363.117972][ T4303] usb 3-1: Product: syz
[  363.130688][ T4303] usb 3-1: Manufacturer: syz
[  363.153025][ T4303] usb 3-1: SerialNumber: syz
[  363.181716][ T4303] usb 3-1: config 0 descriptor??
[  363.265109][ T4303] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  363.446347][ T4303] usb 3-1: qt2_setup_urbs - submit read urb failed -8
[  363.460274][ T4303] quatech2: probe of 3-1:0.51 failed with error -8
[  363.600810][ T8118] device team0 entered promiscuous mode
[  363.624549][ T8118] device team_slave_0 entered promiscuous mode
[  363.645108][ T8118] device team_slave_1 entered promiscuous mode
[  363.673868][ T8118] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  363.723725][   T21] usb 3-1: USB disconnect, device number 3
[  363.742618][ T8118] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  364.739953][ T8118] bridge0: port 4(vlan3) entered blocking state
[  364.944668][ T8118] bridge0: port 4(vlan3) entered disabled state
[  365.980051][ T8118] device vlan3 entered promiscuous mode
[  365.986303][ T8118] device bond0 entered promiscuous mode
[  366.006052][ T8118] device bond_slave_0 entered promiscuous mode
[  366.048313][ T8118] device bond_slave_1 entered promiscuous mode
[  366.083061][ T8118] device wlan1 entered promiscuous mode
[  366.109770][ T8118] device macvlan2 entered promiscuous mode
[  369.513832][ T8174] loop6: detected capacity change from 0 to 8
[  369.887073][ T8174] SQUASHFS error: lzo decompression failed, data probably corrupt
[  369.966067][ T8174] SQUASHFS error: Failed to read block 0x91: -5
[  369.972356][ T8174] SQUASHFS error: Unable to read metadata cache entry [8f]
[  370.077194][ T8174] SQUASHFS error: Unable to read inode 0x11f
[  370.413669][ T8188] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  370.422630][ T8188] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  370.431566][ T8188] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  370.440469][ T8188] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  370.453377][ T8188] device geneve2 entered promiscuous mode
[  374.373687][ T8210] device wg1 entered promiscuous mode
[  374.641942][ T8213] netlink: 20 bytes leftover after parsing attributes in process `syz.2.901'.
[  375.526734][ T8213] sctp: failed to load transform for md5: -2
[  375.640624][ T8239] loop0: detected capacity change from 0 to 512
[  375.688968][ T8239] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  375.841358][ T8239] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c019, mo2=0002]
[  376.011743][ T8239] System zones: 1-12
[  376.063287][ T8243] loop2: detected capacity change from 0 to 2048
[  376.424669][ T8239] EXT4-fs (loop0): 1 truncate cleaned up
[  376.539102][ T8249] blk_update_request: I/O error, dev loop5, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0
[  376.568939][ T8239] EXT4-fs (loop0): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,nombcache,dioread_lock,debug,,errors=continue. Quota mode: none.
[  376.598542][ T8249] EXT4-fs (loop5): unable to read superblock
[  376.671153][ T8243]  loop2: p1 < > p4
[  376.691070][ T8243] loop2: p4 size 8388608 extends beyond EOD, truncated
[  376.925047][ T6920] udevd[6920]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  376.946548][ T6913] udevd[6913]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  378.512599][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  378.536051][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  380.107381][ T8333] overlayfs: missing 'lowerdir'
[  386.886959][ T8382] netlink: 72 bytes leftover after parsing attributes in process `syz.6.937'.
[  387.038785][ T8386] bridge0: port 4(vlan3) entered blocking state
[  387.093436][ T8386] bridge0: port 4(vlan3) entered disabled state
[  387.262622][ T8386] device vlan3 entered promiscuous mode
[  387.330783][ T8386] bridge0: mtu less than device minimum
[  388.727905][ T1108] Bluetooth: hci3: command 0x2016 tx timeout
[  392.480946][ T8453] device team0 entered promiscuous mode
[  392.537908][ T8453] device team_slave_0 entered promiscuous mode
[  392.667580][ T8453] device team_slave_1 entered promiscuous mode
[  392.718027][ T8453] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  392.726670][ T8453] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  392.786417][ T8457] bridge0: port 3(vlan2) entered blocking state
[  392.792824][ T8457] bridge0: port 3(vlan2) entered disabled state
[  392.803612][ T8457] device vlan2 entered promiscuous mode
[  392.812678][ T8457] device bond0 entered promiscuous mode
[  392.819872][ T8457] device bond_slave_0 entered promiscuous mode
[  392.826595][ T8457] device bond_slave_1 entered promiscuous mode
[  392.837485][ T8457] device macvlan2 entered promiscuous mode
[  393.017236][ T8468] block device autoloading is deprecated and will be removed.
[  393.224081][ T8477] loop2: detected capacity change from 0 to 40427
[  393.252836][ T8471] block device autoloading is deprecated and will be removed.
[  393.415884][ T8477] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  393.423863][ T8477] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  393.509550][ T8477] F2FS-fs (loop2): invalid crc value
[  393.975375][ T8477] F2FS-fs (loop2): Found nat_bits in checkpoint
[  394.338717][ T8477] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  394.345861][ T8477] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  396.039413][   T26] audit: type=1800 audit(1761123060.473:334): pid=8507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.959" name="file1" dev="loop2" ino=10 res=0 errno=0
[  396.765223][ T4183] attempt to access beyond end of device
[  396.765223][ T4183] loop2: rw=2049, want=40968, limit=40427
[  397.322704][ T8519] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  397.331740][ T8519] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  397.340691][ T8519] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  397.349615][ T8519] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  397.359888][ T8519] device geneve2 entered promiscuous mode
[  401.215274][ T6295] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  401.225006][ T6295] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  401.234776][ T6295] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  401.267294][ T8546] netlink: 20 bytes leftover after parsing attributes in process `syz.6.976'.
[  401.922891][ T8567] loop0: detected capacity change from 0 to 40427
[  403.266940][ T8567] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  403.274726][ T8567] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  403.363898][ T8567] F2FS-fs (loop0): invalid crc value
[  403.628105][ T8567] F2FS-fs (loop0): Found nat_bits in checkpoint
[  405.118170][ T8601] netlink: 2384 bytes leftover after parsing attributes in process `syz.5.989'.
[  405.849740][ T8600] overlayfs: upper fs does not support file handles, falling back to index=off.
[  405.936647][ T8606] bridge0: port 3(vlan4) entered blocking state
[  405.966049][ T8606] bridge0: port 3(vlan4) entered disabled state
[  405.987346][ T8606] device vlan4 entered promiscuous mode
[  407.643998][ T4246] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  407.671170][ T8616] loop0: detected capacity change from 0 to 2048
[  407.752769][ T8624] binder: 8623:8624 ioctl ae80 0 returned -22
[  407.768720][ T4246] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  407.921249][ T8616] EXT4-fs (loop0): quotafile must be on filesystem root
[  410.472821][ T8661] netlink: 2384 bytes leftover after parsing attributes in process `syz.0.1006'.
[  411.499583][ T8670] device batadv_slave_1 entered promiscuous mode
[  411.635617][ T8669] device batadv_slave_1 left promiscuous mode
[  417.505574][ T8771] netlink: 165 bytes leftover after parsing attributes in process `syz.6.1046'.
[  418.457738][ T8774] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem
[  419.739448][   T26] audit: type=1326 audit(1761123084.893:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.2.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  419.798358][   T26] audit: type=1326 audit(1761123084.923:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.2.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  419.875994][   T26] audit: type=1326 audit(1761123084.923:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.2.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  419.960176][   T26] audit: type=1326 audit(1761123084.923:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.2.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  420.033599][   T26] audit: type=1326 audit(1761123084.943:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.2.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  420.114063][ T8794] overlayfs: upper fs does not support file handles, falling back to index=off.
[  420.152157][   T26] audit: type=1326 audit(1761123084.943:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.2.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  420.266221][   T26] audit: type=1326 audit(1761123084.943:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.2.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  420.354885][   T26] audit: type=1326 audit(1761123084.943:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.2.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  420.451919][   T26] audit: type=1326 audit(1761123084.943:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.2.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  420.551065][   T26] audit: type=1326 audit(1761123084.943:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8785 comm="syz.2.1042" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d791fc9 code=0x7ffc0000
[  422.298580][ T8826] loop2: detected capacity change from 0 to 1024
[  422.892851][ T8826] hfsplus: unable to parse mount options
[  423.104677][ T8826] input: syz0 as /devices/virtual/input/input8
[  423.162427][ T8826] netlink: 'syz.2.1055': attribute type 4 has an invalid length.
[  423.176167][ T8826] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.1055'.
[  424.055787][ T8841] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  424.073990][ T8839] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  424.098011][ T4260] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  424.140044][ T4260] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  424.164784][ T8848] loop2: detected capacity change from 0 to 128
[  424.173937][ T8839] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  424.319021][ T8854] attempt to access beyond end of device
[  424.319021][ T8854] loop2: rw=2049, want=761, limit=128
[  426.542116][ T8865] loop1: detected capacity change from 0 to 8192
[  426.604840][ T8873] sctp: [Deprecated]: syz.5.1067 (pid 8873) Use of struct sctp_assoc_value in delayed_ack socket option.
[  426.604840][ T8873] Use struct sctp_sack_info instead
[  427.349408][ T8881] loop2: detected capacity change from 0 to 128
[  427.377201][ T8880] mac80211_hwsim hwsim15 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  427.534629][ T8883] wlan0 speed is unknown, defaulting to 1000
[  428.298865][ T8889] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1070'.
[  428.366265][ T8889] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1070'.
[  435.355095][ T8951] wlan0 speed is unknown, defaulting to 1000
[  436.771546][ T8956] device  entered promiscuous mode
[  438.552871][ T8974] netlink: 'syz.2.1092': attribute type 1 has an invalid length.
[  439.905726][ T8982] loop2: detected capacity change from 0 to 1024
[  439.959175][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  439.965467][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  440.947997][ T8982] __quota_error: 27 callbacks suppressed
[  440.948019][ T8982] Quota error (device loop2): find_block_dqentry: Quota for id 0 referenced but not present
[  441.048383][ T8982] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  441.168410][ T8982] EXT4-fs error (device loop2): ext4_acquire_dquot:6209: comm syz.2.1095: Failed to acquire dquot type 0
[  441.269686][ T4303] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  441.340602][ T4303] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  441.369404][ T8982] EXT4-fs (loop2): 1 truncate cleaned up
[  441.402652][ T8982] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  441.699526][ T8982] Quota error (device loop2): find_block_dqentry: Quota for id 0 referenced but not present
[  441.743731][ T8982] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  441.776784][ T8982] EXT4-fs error (device loop2): ext4_acquire_dquot:6209: comm syz.2.1095: Failed to acquire dquot type 0
[  445.365226][ T9040] loop0: detected capacity change from 0 to 2048
[  446.878008][ T9040] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  446.917282][ T9037] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1109'.
[  446.927500][ T9037] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1109'.
[  447.169735][ T9049] loop0: detected capacity change from 0 to 128
[  448.336303][ T4899] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  448.616106][ T4899] usb 1-1: Using ep0 maxpacket: 8
[  448.776295][ T4899] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 13
[  448.956405][ T4899] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  448.989483][ T4899] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  449.000262][ T4899] usb 1-1: Product: syz
[  449.004604][ T4899] usb 1-1: Manufacturer: syz
[  449.011608][ T4899] usb 1-1: SerialNumber: syz
[  449.171431][ T4899] usb 1-1: config 0 descriptor??
[  449.590183][ T4899] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  449.863790][ T9079] loop1: detected capacity change from 0 to 512
[  450.378341][ T9079] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  450.478263][ T9079] EXT4-fs (loop1): 1 truncate cleaned up
[  450.483993][ T9079] EXT4-fs (loop1): mounted filesystem without journal. Opts: resuid=0x0000000000000000,max_dir_size_kb=0x00000000000001ff,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  451.645592][ T9100] loop2: detected capacity change from 0 to 128
[  451.702368][ T9100] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  451.760744][ T9107] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1129'.
[  452.938119][ T4899] gspca_zc3xx: reg_w_i err -110
[  454.536287][ T4899] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  454.703384][ T4899] gspca_zc3xx: probe of 1-1:0.0 failed with error -110
[  454.788179][ T9137] xt_time: unknown flags 0xc
[  455.743074][ T4899] usb 1-1: USB disconnect, device number 2
[  562.755844][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  562.762851][    C0] rcu: 	1-...!: (1 GPs behind) idle=8a1/1/0x4000000000000000 softirq=24046/24047 fqs=0 
[  562.774271][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P8937/1:b..l
[  562.782227][    C0] 	(detected by 0, t=10502 jiffies, g=26693, q=221)
[  562.788849][    C0] Sending NMI from CPU 0 to CPUs 1:
[  562.794069][    C1] NMI backtrace for cpu 1
[  562.794079][    C1] CPU: 1 PID: 9162 Comm: syz.6.1142 Not tainted syzkaller #0
[  562.794098][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  562.794120][    C1] RIP: 0010:lock_is_held_type+0x61/0x190
[  562.794148][    C1] Code: 0f 85 f4 00 00 00 65 48 8b 1d 3b 1f 59 76 83 bb ec 0a 00 00 00 0f 85 df 00 00 00 41 89 f7 49 89 fe 48 c7 04 24 00 00 00 00 9c <8f> 04 24 4c 8b 2c 24 fa 48 c7 c7 a0 26 0b 8a e8 4b 0e 00 00 65 ff
[  562.794164][    C1] RSP: 0018:ffffc90000dd0c30 EFLAGS: 00000046
[  562.794178][    C1] RAX: 0000000000000000 RBX: ffff8880234b8000 RCX: ffff8880234b8000
[  562.794192][    C1] RDX: 0000000000010000 RSI: 00000000ffffffff RDI: ffff888077b14b00
[  562.794204][    C1] RBP: 00000000ffffffff R08: 0000000000000004 R09: 0000000000000003
[  562.794216][    C1] R10: fffff520001ba180 R11: 1ffff920001ba180 R12: ffff888077b14ae8
[  562.794230][    C1] R13: dffffc0000000000 R14: ffff888077b14b00 R15: 00000000ffffffff
[  562.794244][    C1] FS:  00007ff9c93ef6c0(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  562.794260][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  562.794273][    C1] CR2: 00007fdf4b596000 CR3: 0000000075ddf000 CR4: 00000000003506e0
[  562.794289][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  562.794299][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  562.794311][    C1] Call Trace:
[  562.794318][    C1]  <IRQ>
[  562.794329][    C1]  advance_sched+0x69/0x940
[  562.794351][    C1]  ? _raw_spin_unlock+0x40/0x40
[  562.794373][    C1]  __hrtimer_run_queues+0x53d/0xc40
[  562.794399][    C1]  ? taprio_free_sched_cb+0x190/0x190
[  562.794424][    C1]  ? hrtimer_interrupt+0x8d0/0x8d0
[  562.794444][    C1]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  562.794466][    C1]  hrtimer_interrupt+0x3bb/0x8d0
[  562.794498][    C1]  __sysvec_apic_timer_interrupt+0x137/0x4a0
[  562.794523][    C1]  sysvec_apic_timer_interrupt+0x9b/0xc0
[  562.794543][    C1]  </IRQ>
[  562.794548][    C1]  <TASK>
[  562.794553][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  562.794572][    C1] RIP: 0010:skb_free_datagram+0x1/0xe0
[  562.794589][    C1] Code: 8b 04 25 28 00 00 00 48 3b 44 24 28 75 12 4c 89 f8 48 83 c4 30 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 84 4c d6 01 0f 1f 40 00 55 <41> 57 41 56 41 54 53 49 89 f6 48 89 fb 49 bc 00 00 00 00 00 fc ff
[  562.794603][    C1] RSP: 0018:ffffc90003627750 EFLAGS: 00000246
[  562.794617][    C1] RAX: d05349d871c29700 RBX: ffff888074ad9800 RCX: 0000000000080000
[  562.794630][    C1] RDX: ffffc900175ad000 RSI: ffff88801e027780 RDI: ffff88805de87000
[  562.794642][    C1] RBP: ffffc900036278f0 R08: dffffc0000000000 R09: ffffed100e95b302
[  562.794655][    C1] R10: ffffed100e95b302 R11: 1ffff1100e95b301 R12: dffffc0000000000
[  562.794668][    C1] R13: ffffc90003627d40 R14: 1ffff920006c4efc R15: ffff88801e027780
[  562.794690][    C1]  __unix_dgram_recvmsg+0x9cc/0xd50
[  562.794716][    C1]  ? unix_unhash+0x10/0x10
[  562.794737][    C1]  ? mark_lock+0x94/0x320
[  562.794757][    C1]  ? unix_dgram_recvmsg+0xb2/0xd0
[  562.794775][    C1]  ? unix_dgram_sendmsg+0x1890/0x1890
[  562.794793][    C1]  ____sys_recvmsg+0x291/0x580
[  562.794818][    C1]  ? __sys_recvmsg_sock+0x40/0x40
[  562.794844][    C1]  ? import_iovec+0x6f/0xa0
[  562.794865][    C1]  ___sys_recvmsg+0x1af/0x4f0
[  562.794887][    C1]  ? __sys_recvmsg+0x250/0x250
[  562.794916][    C1]  ? __lock_acquire+0x7c60/0x7c60
[  562.794934][    C1]  ? __might_sleep+0x7b/0xf0
[  562.794953][    C1]  ? __might_fault+0xb3/0x110
[  562.794971][    C1]  do_recvmmsg+0x344/0x7a0
[  562.794993][    C1]  ? __sys_recvmmsg+0x280/0x280
[  562.795020][    C1]  ? __lock_acquire+0x7c60/0x7c60
[  562.795044][    C1]  __x64_sys_recvmmsg+0x18d/0x240
[  562.795064][    C1]  ? do_recvmmsg+0x7a0/0x7a0
[  562.795084][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  562.795103][    C1]  do_syscall_64+0x4c/0xa0
[  562.795117][    C1]  ? clear_bhb_loop+0x30/0x80
[  562.795133][    C1]  ? clear_bhb_loop+0x30/0x80
[  562.795150][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  562.795167][    C1] RIP: 0033:0x7ff9cb1a8fc9
[  562.795190][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  562.795204][    C1] RSP: 002b:00007ff9c93ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  562.795220][    C1] RAX: ffffffffffffffda RBX: 00007ff9cb400090 RCX: 00007ff9cb1a8fc9
[  562.795233][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
[  562.795244][    C1] RBP: 00007ff9cb22bf91 R08: 0000000000000000 R09: 0000000000000000
[  562.795254][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  562.795265][    C1] R13: 00007ff9cb400128 R14: 00007ff9cb400090 R15: 00007ffdeb837938
[  562.795285][    C1]  </TASK>
[  562.796064][    C0] task:kworker/u4:35   state:R  running task     stack:21280 pid: 8937 ppid:     2 flags:0x00004000
[  563.264305][    C0] Workqueue: bat_events batadv_nc_worker
[  563.269978][    C0] Call Trace:
[  563.273272][    C0]  <TASK>
[  563.276225][    C0]  __schedule+0x11bb/0x4390
[  563.280766][    C0]  ? mark_lock+0x94/0x320
[  563.285124][    C0]  ? mark_lock+0x94/0x320
[  563.289595][    C0]  ? release_firmware_map_entry+0x190/0x190
[  563.296172][    C0]  ? preempt_schedule_irq+0xa6/0x150
[  563.301508][    C0]  preempt_schedule_irq+0xb1/0x150
[  563.306648][    C0]  ? __cond_resched+0xb0/0xb0
[  563.311354][    C0]  ? rcu_is_watching+0x11/0xa0
[  563.316148][    C0]  ? rcu_irq_exit_check_preempt+0xdb/0x200
[  563.321972][    C0]  irqentry_exit+0x63/0x70
[  563.326415][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  563.332412][    C0] RIP: 0010:lock_acquire+0x1f2/0x3f0
[  563.337726][    C0] Code: 00 9c 8f 84 24 80 00 00 00 f6 84 24 81 00 00 00 02 0f 85 f6 00 00 00 41 f7 c6 00 02 00 00 74 01 fb 48 c7 44 24 60 0e 36 e0 45 <4b> c7 44 3d 00 00 00 00 00 66 43 c7 44 3d 09 00 00 43 c6 44 3d 0b
[  563.357606][    C0] RSP: 0018:ffffc900015cfaa0 EFLAGS: 00000206
[  563.363700][    C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: cde4b3d5716aa700
[  563.371682][    C0] RDX: 0000000000000000 RSI: ffffffff8a0b2b40 RDI: ffffffff8a59a880
[  563.379673][    C0] RBP: ffffc900015cfbc0 R08: dffffc0000000000 R09: fffffbfff1ff7a19
[  563.387753][    C0] R10: fffffbfff1ff7a19 R11: 1ffffffff1ff7a18 R12: ffffffff8c11c720
[  563.395738][    C0] R13: 1ffff920002b9f60 R14: 0000000000000246 R15: dffffc0000000000
[  563.403748][    C0]  ? rcu_lock_release+0x5/0x20
[  563.408539][    C0]  ? read_lock_is_recursive+0x10/0x10
[  563.413927][    C0]  ? __lock_acquire+0x7c60/0x7c60
[  563.418972][    C0]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  563.424979][    C0]  rcu_lock_acquire+0x2a/0x30
[  563.429672][    C0]  ? rcu_lock_acquire+0x5/0x30
[  563.434464][    C0]  batadv_nc_worker+0xc9/0x5c0
[  563.439275][    C0]  process_one_work+0x863/0x1000
[  563.444243][    C0]  ? worker_detach_from_pool+0x240/0x240
[  563.449889][    C0]  ? lockdep_hardirqs_off+0x70/0x100
[  563.455198][    C0]  ? _raw_spin_lock_irq+0xab/0xe0
[  563.460245][    C0]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  563.465633][    C0]  ? wq_worker_running+0x97/0x170
[  563.470677][    C0]  worker_thread+0xaa8/0x12a0
[  563.475370][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  563.480598][    C0]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  563.486525][    C0]  kthread+0x436/0x520
[  563.490612][    C0]  ? rcu_lock_release+0x20/0x20
[  563.495480][    C0]  ? kthread_blkcg+0xd0/0xd0
[  563.500088][    C0]  ret_from_fork+0x1f/0x30
[  563.504558][    C0]  </TASK>
[  563.507592][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g26693 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  563.518891][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  563.528866][    C0] rcu: RCU grace-period kthread stack dump:
[  563.534849][    C0] task:rcu_preempt     state:R  running task     stack:27464 pid:   15 ppid:     2 flags:0x00004000
[  563.545642][    C0] Call Trace:
[  563.548936][    C0]  <TASK>
[  563.551878][    C0]  __schedule+0x11bb/0x4390
[  563.556408][    C0]  ? _raw_spin_lock_irqsave+0x7f/0xf0
[  563.561801][    C0]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  563.567717][    C0]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  563.573627][    C0]  ? _raw_spin_unlock+0x40/0x40
[  563.578507][    C0]  ? rcu_is_watching+0x11/0xa0
[  563.583291][    C0]  ? release_firmware_map_entry+0x190/0x190
[  563.589222][    C0]  schedule+0x11b/0x1e0
[  563.593395][    C0]  schedule_timeout+0x15c/0x280
[  563.598264][    C0]  ? console_conditional_schedule+0x40/0x40
[  563.604183][    C0]  ? update_process_times+0x200/0x200
[  563.609579][    C0]  ? prepare_to_swait_event+0x331/0x350
[  563.615155][    C0]  rcu_gp_fqs_loop+0x29e/0x11b0
[  563.620027][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  563.625363][    C0]  ? rcu_gp_init+0xd58/0x10e0
[  563.630060][    C0]  ? rcu_gp_init+0x10e0/0x10e0
[  563.634842][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  563.640064][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  563.645280][    C0]  rcu_gp_kthread+0x98/0x350
[  563.649892][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  563.655019][    C0]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  563.661019][    C0]  ? __kthread_parkme+0x157/0x1b0
[  563.666065][    C0]  kthread+0x436/0x520
[  563.670145][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  563.675280][    C0]  ? kthread_blkcg+0xd0/0xd0
[  563.679912][    C0]  ret_from_fork+0x1f/0x30
[  563.684359][    C0]  </TASK>
[  563.687390][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  563.693715][    C0] NMI backtrace for cpu 0
[  563.698047][    C0] CPU: 0 PID: 4246 Comm: kworker/0:5 Not tainted syzkaller #0
[  563.705515][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  563.715585][    C0] Workqueue: events fqdir_free_fn
[  563.720628][    C0] Call Trace:
[  563.723919][    C0]  <IRQ>
[  563.726771][    C0]  dump_stack_lvl+0x168/0x230
[  563.731468][    C0]  ? show_regs_print_info+0x20/0x20
[  563.737039][    C0]  ? load_image+0x3b0/0x3b0
[  563.741568][    C0]  ? irq_work_queue+0xbf/0x140
[  563.746347][    C0]  nmi_cpu_backtrace+0x397/0x3d0
[  563.751303][    C0]  ? nmi_trigger_cpumask_backtrace+0x280/0x280
[  563.757474][    C0]  ? _printk+0xcc/0x110
[  563.761654][    C0]  ? cpu_online+0x1d/0x30
[  563.765999][    C0]  ? load_image+0x3b0/0x3b0
[  563.770522][    C0]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  563.776693][    C0]  nmi_trigger_cpumask_backtrace+0x163/0x280
[  563.782691][    C0]  rcu_check_gp_kthread_starvation+0x1cd/0x250
[  563.788867][    C0]  print_other_cpu_stall+0x10c8/0x1220
[  563.794347][    C0]  ? print_cpu_stall+0x5f0/0x5f0
[  563.799300][    C0]  ? timekeeping_advance+0x7f6/0xac0
[  563.804613][    C0]  rcu_sched_clock_irq+0x831/0x1110
[  563.809831][    C0]  ? rcutree_dead_cpu+0x20/0x20
[  563.814702][    C0]  ? account_process_tick+0x227/0x3a0
[  563.820098][    C0]  update_process_times+0x193/0x200
[  563.825316][    C0]  tick_sched_timer+0x37d/0x560
[  563.830195][    C0]  __hrtimer_run_queues+0x4fe/0xc40
[  563.835419][    C0]  ? tick_setup_sched_timer+0x2c0/0x2c0
[  563.840997][    C0]  ? hrtimer_interrupt+0x8d0/0x8d0
[  563.846131][    C0]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  563.852241][    C0]  hrtimer_interrupt+0x3bb/0x8d0
[  563.857231][    C0]  __sysvec_apic_timer_interrupt+0x137/0x4a0
[  563.863225][    C0]  sysvec_apic_timer_interrupt+0x9b/0xc0
[  563.868960][    C0]  </IRQ>
[  563.871907][    C0]  <TASK>
[  563.874855][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  563.880849][    C0] RIP: 0010:smp_call_function_single+0x212/0x490
[  563.887218][    C0] Code: 48 44 89 f6 83 e6 01 31 ff e8 ca 5e 0b 00 41 83 e6 01 49 bc 00 00 00 00 00 fc ff df 75 0a e8 55 5b 0b 00 e9 a3 00 00 00 f3 90 <f7> 44 24 48 01 00 00 00 0f 84 8e 00 00 00 e8 3b 5b 0b 00 eb e9 e8
[  563.906842][    C0] RSP: 0018:ffffc9000330fa40 EFLAGS: 00000293
[  563.912935][    C0] RAX: ffffffff816c6f55 RBX: 0000000000000000 RCX: ffff88805f0a9dc0
[  563.920917][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  563.928896][    C0] RBP: ffffc9000330fb30 R08: dffffc0000000000 R09: ffffed1017227681
[  563.936882][    C0] R10: ffffed1017227681 R11: 1ffff11017227680 R12: dffffc0000000000
[  563.944864][    C0] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff92000661f4c
[  563.952857][    C0]  ? smp_call_function_single+0x225/0x490
[  563.958605][    C0]  ? rcu_rdp_is_offloaded+0x180/0x180
[  563.963991][    C0]  ? flush_smp_call_function_from_idle+0x230/0x230
[  563.970510][    C0]  ? rcu_rdp_is_offloaded+0x180/0x180
[  563.975904][    C0]  ? rcu_read_lock_bh_held+0xe0/0xe0
[  563.981225][    C0]  rcu_barrier+0x25d/0x4b0
[  563.985675][    C0]  ? cond_synchronize_rcu+0x20/0x20
[  563.990888][    C0]  ? read_lock_is_recursive+0x10/0x10
[  563.996283][    C0]  ? __schedule+0x11c3/0x4390
[  564.001070][    C0]  fqdir_free_fn+0x2f/0x130
[  564.005594][    C0]  process_one_work+0x863/0x1000
[  564.010565][    C0]  ? worker_detach_from_pool+0x240/0x240
[  564.016211][    C0]  ? lockdep_hardirqs_off+0x70/0x100
[  564.021570][    C0]  ? _raw_spin_lock_irq+0xab/0xe0
[  564.026619][    C0]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  564.032012][    C0]  ? wq_worker_running+0x97/0x170
[  564.037057][    C0]  worker_thread+0xaa8/0x12a0
[  564.041789][    C0]  kthread+0x436/0x520
[  564.045869][    C0]  ? rcu_lock_release+0x20/0x20
[  564.050733][    C0]  ? kthread_blkcg+0xd0/0xd0
[  564.055499][    C0]  ret_from_fork+0x1f/0x30
[  564.059974][    C0]  </TASK>